We performed a comparison between Cisco Secure Firewall and Forcepoint Next Generation Firewall based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Some of the key features of the solution is that it has good reporting, you can receive many details from the connection, for example, clients and website information."
"Unified Threat Management (UTM) features."
"I like that you are able to manage FortiGate from the FortiManager to create a more centralized environment."
"Layer-3 firewall and routing are the most valuable features."
"The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto."
"The most valuable features of Fortinet FortiGate are the rules and quality of service."
"The reporting and monitoring are very good."
"We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best feature."
"An eight because it's a good security solution. It's more mature than its competitors."
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"We found the initial setup to be easy."
"Right now, Cisco ASA NGFW has given us a lot of improvement. We are planning to move to a new facility and will be a much larger organization."
"The interface is user-friendly."
"The stability is very good; there's no vagueness. Either it works or it doesn't, and it's also very easy to find out why."
"Our company operates in Saudi Arabia, primarily working with government sectors. If any hardware malfunctions, the defective device is removed, and we receive a replacement from the reseller. We have not encountered any issues related to delays in receiving replacements for malfunctioning devices which has been beneficial."
"ASA integrates with FirePOWER, IPS functionality, malware filtering, etc. This functionality wasn't there in the past. With its cloud architecture, Cisco can filter traffic at the engine layer. Evasive encryptions can be entered into the application, like BitTorrent or Skype. This wasn't possible to control through a traditional firewall."
"Forcepoint is a complete package because it has network and systems applications. Other firewalls are only for the network."
"The blocking, based on the signal provided, is the solution's most valuable aspect."
"It is a scalable product. I know a customer who has deployed more than 4,000 firewalls in a single deployment."
"The initial setup is very easy."
"When comparing this solution to others this one has better reporting, user management, and is easy to use."
"One of the most valuable features is having the ability to cluster multiple firewalls even if they are different versions."
"It is a stable solution, and there are no issues so far."
"It provides decent protection for the LAN, especially in run mode."
"It is very expensive, and their support is not very good. I hope that their technical support will be better in the future."
"The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."
"If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox."
"Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information."
"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
"One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support."
"The feedback that I have received is that the performance could be better, and the user experience is not as good compared to a previous solution we used. It could be more user-friendly. Of course, it still works fine for our operations."
"I would like to see improvements in the support from Fortinet. Here in the Philippines, whenever we have problems with a Fortinet product, we mostly ask for support from distributors and resellers and not directly from Fortinet."
"The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface."
"It's not unexpected, but it's a common scenario where customers request dual layers of security. For instance, when dealing with regulatory compliance, especially in financial sectors regulated by entities like the Central Bank, having two distinct units is often mandated. If a client predominantly uses a solution like Palo Alto, they may need to incorporate another vendor such as Cisco or Forti. Importantly, there's a significant disparity in interfaces and management platforms between these vendors, necessitating careful consideration when integrating them into the overall security architecture"
"It is a good firewall, though not NextGen."
"If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve."
"It needs more tunneling capabilities."
"The GUI interface could be improved when compared to other solutions."
"We are Cisco partners, and when we recommend Cisco FirePower to customers, they always think that FirePower is bad. For a single installation of FirePower, if I have to write about 18 tickets to Cisco, it's a big problem. There was an issue was related to Azure. We had Active Directory in Azure. The clients had to connect to FirePower through Azure. We had a lot of group policies. After two group policies, we had to make groups in Azure, and they had to sign in and sign back. It was a triple-layer authentication, and there was a big problem, so we didn't use it."
"In general, they can make it easier to manage the solutions. They can make it easier in terms of administration and provide a single tool for different firewalling solutions. They have different tools to manage different firewalls, such as Firepower or ASA. Sometimes, both are on the same thing. You have ASA with Firepower modules, so you manage some of the things via HTML, and then you manage some of the things via another management tool. It's not seamless."
"They need to increase the local support here. There are also some bugs or fixes on which they need to work. They very well know about these bugs. In terms of licensing, I would like them to either increase the number of features in a single license or make licensing more flexible."
"Configuration is not easy because it has an old-fashioned interface. The configuration interface is highly complex, and it's been the same for years. They have to change the interface."
"It's a complicated firewall. Until you come to know the firewall inducers, most people don't like the firewall because the components for the firewall are a little bit complex. User-friendliness is a little bit tough. It needs to be user-friendly when creating policies, and pushing policies. Committing takes more time compared to Palo Alto."
"The solution's support could use improvement."
"While they offer a comprehensive bundled solution, some users may prefer on-premise deployments for certain features, such as URL filtering."
"Forcepoint Next Generation Firewall could change its interface, allowing standard or direct connect modes to be configured."
"My team is looking for more throughput and better integration with our security framework."
"They should have a GUI on the product itself, not a separate management tool to be used on the management server or on a server to be used to manage the file. It should be all in one device. The device should be controlled through its own GUI. They also have to improve the learning center and the documents as the documents don't really help."
More Forcepoint Next Generation Firewall Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Forcepoint Next Generation Firewall is ranked 25th in Firewalls with 40 reviews. Cisco Secure Firewall is rated 8.2, while Forcepoint Next Generation Firewall is rated 7.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Forcepoint Next Generation Firewall writes "Provides decent protection for the LAN but complicated interface". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Palo Alto Networks NG Firewalls, whereas Forcepoint Next Generation Firewall is most compared with Palo Alto Networks Advanced Threat Prevention, Check Point NGFW, Sophos XG, Netgate pfSense and Darktrace. See our Cisco Secure Firewall vs. Forcepoint Next Generation Firewall report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.