Cisco Secure Firewall vs Fortinet FortiGate comparison

Cisco and Fortinet are both solutions in the Firewalls category. Cisco is ranked #7 with an average rating of 8.2, while Fortinet is ranked #2 with an average rating of 8.3. Cisco holds a 5.8% mindshare in Firewalls, compared to Fortinet’s 21.1% mindshare. Additionally, 83% of Cisco users are willing to recommend the solution, compared to 90% of Fortinet users who would recommend it.

Cisco Secure Firewall

Read 409 Cisco Secure Firewall reviews

29,751 Views
17,423 Comparison Views

83% willing to recommend

Fortinet FortiGate

Read 318 Fortinet FortiGate reviews

78,842 Views
58,697 Comparison Views

90% willing to recommend

Cisco Secure Firewall

Fortinet FortiGate

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 9, 2025

Cisco Secure Firewall and Fortinet FortiGate compete in the network security space. Cisco Secure Firewall provides simpler deployment and valuable pricing options. Fortinet FortiGate excels with rich, feature-packed offerings.

Features: Cisco Secure Firewall integrates well with threat intelligence, ensuring network visibility and control. It's appreciated for its advanced threat detection features. Additionally, it offers robust network policy management capabilities. Fortinet FortiGate includes extensive security services and advanced intruder protection. It features robust application control and provides effective web filtering and IPS.

Room for Improvement: Cisco Secure Firewall could enhance its user interface for more intuitive navigation. Increasing its integration capabilities with third-party tools could broaden its appeal. Options for more advanced reporting features would benefit users. Fortinet FortiGate has a steep learning curve for some configurations, which could be streamlined. Its documentation can be made more comprehensive. Additionally, users would benefit from improved customer support response times.

Ease of Deployment and Customer Service: Cisco Secure Firewall generally offers a straightforward deployment process with strong customer support, which helps with both initial setup and ongoing management. In contrast, Fortinet FortiGate, despite its complex deployment, provides adequate collaboration with support teams and comprehensive documentation to aid deployment effectively.

Pricing and ROI: Cisco Secure Firewall is known for value through competitive pricing, including support, ensuring effective ROI. Initial costs for Fortinet FortiGate may be higher, but it offers a long-term ROI through its advanced features and robust security capabilities.

To learn more, read our detailed Cisco Secure Firewall vs. Fortinet FortiGate Report (Updated: March 2025).

Buyer's Guide

Cisco Secure Firewall vs. Fortinet FortiGate

March 2025

Download the complete report

Helped 842,767 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Secure Firewall

Ranking in Firewalls

7th

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

409

Ranking in other categories

Cisco Security Portfolio (4th)

Fortinet FortiGate

Ranking in Firewalls

2nd

Average Rating

8.4

Reviews Sentiment

7.2

Number of Reviews

318

Ranking in other categories

Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)

Mindshare comparison

As of April 2025, in the Firewalls category, the mindshare of Cisco Secure Firewall is 5.8%, up from 5.5% compared to the previous year. The mindshare of Fortinet FortiGate is 21.1%, up from 17.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls

Featured Reviews

Maharajan S

VSO at a computer software company with 501-1,000 employees

Enhances security with precise access control but has integration challenges

Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.

Read full review

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Efficient, user-friendly, and affordable

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"All the features except IPS are valuable. IPS is not a part of my job."

"FMC is very good in terms of giving a lot of visibility into what the firewall is seeing, what it's stopping, and what it's letting through. It lets the administrator have a little bit of knowledge of what's coming in or out of the device. It's excellent."

"URL filtering is valuable."

"ASDM provides GUI for configurations. The ASDM has made configuring ASA easy. No need to memorize CLI commands."

"We use the solution for deep packet inspection, Internet Edge functionality, IDS, and IDP."

"The most valuable feature is that it's secure."

"The most valuable features are the flexibility and level of security that this solution provides."

"The most valuable features for my client are the ASDM and monitoring."

More Cisco Secure Firewall pros

"The most valuable feature is the SSL VPN, as it allows us to connect and it separates this product from other firewalls."

"Good load balancing feature."

"The inspection and web security features are most valuable."

"The UTM feature is quite good. FortiAP is easy to deploy because both Fortigate and FortiAP are under the same brand. Otherwise, you need to do more work on the configuration."

"This is a quality product with ok support, and it is better than the competition we've tried."

"I'm pretty happy with its reliability. It is also very scalable."

"Fortinet FortiGate's reliability is valuable."

"The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."

More Fortinet FortiGate pros

Cons

"Its implementation was not straightforward. It was mainly because we were running two projects together."

"The IPS module is combined with the main operating system."

"There's a little bit of a disconnect between Firepower’s management and the rest of the products, like DNA and Prime. The solution should have fewer admin portals for network, security, and firewalls."

"When comparing the graphical interface of this solution to other vendors it is more difficult to configure. There is a higher learning curve for administrators in this solution."

"We are Cisco partners, and when we recommend Cisco FirePower to customers, they always think that FirePower is bad. For a single installation of FirePower, if I have to write about 18 tickets to Cisco, it's a big problem. There was an issue was related to Azure. We had Active Directory in Azure. The clients had to connect to FirePower through Azure. We had a lot of group policies. After two group policies, we had to make groups in Azure, and they had to sign in and sign back. It was a triple-layer authentication, and there was a big problem, so we didn't use it."

"You shouldn't have to use the ASDM to help manage the client."

"One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS."

"FlexConfig is there as a bridge for features that are not yet natively integrated into Firepower. It is a way of allowing you to be able to configure things that wouldn't otherwise be possible until the development team can add them into Firepower's native capability. There is still some work that needs to be done around FlexConfig. There are still quite a few complex things, like policy-based routing, that have to be done in FlexConfig, and it doesn't always work perfectly. Sometimes, there are some glitches. It is recommended that you configure FlexConfig policies with Cisco TAC. It would be good to see Cisco accelerate some of those configurations that you can only do in FlexConfig into the platform, so that they are there natively."

More Cisco Secure Firewall cons

"The performance and speed are aspects of the solution that could always be improved upon."

"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."

"It does not have key authentication for admin access."

"FortiOS is not simple."

"The stability of Fortinet FortiGate could improve."

"Regarding challenges, customers initially faced issues like internet dropping, but after firmware upgrades, everything worked well."

"The solution could have licensing fees reduced in the future."

"The configuration part was challenging, especially converting configurations from another OEM to FortiGate."

More Fortinet FortiGate cons

Pricing and Cost Advice

"In the past, I encountered several difficulties and misunderstandings with Cisco licensing, but now the situation has improved. The Cisco Smart Software portal is an excellent resource for keeping track of, upgrading, and researching information related to Smart Licensing and other relevant topics. It is extremely helpful. Unfortunately, since it is not my money and there is only one vendor, I am unable to provide any comments on the prices. Nevertheless, the system, along with its provision through the Cisco Smart Software portal, as well as the traditional license and subscription models, are excellent and highly beneficial."

"Some of our customers would be more likely to standardize on Cisco equipment if the cost was lower because a lot of people install cheap equipment."

"The pricing could always be cheaper."

"This solution might be expensive, but it is economical in the long run."

"It requires additional licensing to enable 10G ports."

"The pricing structure for Cisco Secure Firewall can be challenging to manage."

"Purchasing from the AWS Marketplace was easy. It was just point and click."

"They seem to be at the top end in terms of pricing, but they are worth the price. They are probably a little bit lower than Palo Alto. If the customers are relying on Cisco products and they are thinking more in terms of scaling to another layer in a year, it is pretty much in a good price range."

More Cisco Secure Firewall pricing and cost advice

"The price of Fortinet FortiGate is reasonable."

"Fortinet Secure SD-WAN delivered the lowest total cost of ownership (TCO) per Mbps among all other vendors."

"It's a very full-featured and it's priced well solution."

"Setup costs and pricing depends on many variables, but it's mostly affordable."

"I think that the pricing is fair."

"We pay for the solution annually."

"Its price is affordable and lesser than Cisco. Cisco is expensive. In terms of licensing, there is only one issue. If a customer's license has expired a month ago and they do the renewal after one month, Fortinet renews the license from the start of the previous month. The activation of the product is done from the previous month, not from the date of renewal. The customers usually shout and complain that because they are paying today, the renewal should start from today. The support contract renewals or licensing should be renewed from the date of renewal, but Fortinet starts from the day it had expired. It is a loss for customers. They might have had some problems because of which they did not take the license one month before. Fortinet should work on this. Cisco doesn't do this. Cisco always starts from the day they apply for the license."

"In terms of the market, it's not a cheap product, but it's cost-effective."

More Fortinet FortiGate pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

842,767 professionals have used our research since 2012.

Comparison Review

it_user216600

Senior Technical Consultant with 51-200 employees

Jan 3, 2016

Sophos UTM vs. Fortinet FortiGate

I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main…

Read full review

Top Industries

By visitors reading reviews

Educational Organization

42%

Computer Software Company

13%

Manufacturing Company

Government

Educational Organization

22%

Computer Software Company

14%

Comms Service Provider

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use Fortinet too...

See all answers

Which is better - Fortinet FortiGate or Cisco ASA Firewall?

One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fortigate is very stable, reliable, and consistent. We like that we can manage the e...

See all answers

How does Cisco's ASA firewall compare with the Firepower NGFW?

It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection ...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know the firewalls change every 5 to 7 years as stated but you really do need to upg...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite good. The most valuable features for me are their web and email filtering. I wou...

See all answers

Fortigate 60d vs. Meraki MX67 for a small company without a dedicated IT Department

We have Meraki Mx devices now, we are looking to replace them. But that is because the Meraki MX platform lacks SSL Inspection, Granular Firewall rules (Block only, no allow setting), client vpn re...

See all answers

Comparisons

Palo Alto Networks WildFire vs Cisco Secure Firewall

Compared 8% of the time

Netgate pfSense vs Cisco Secure Firewall

Compared 6% of the time

Palo Alto Networks NG Firewalls vs Cisco Secure Firewall

Compared 5% of the time

OPNsense vs Cisco Secure Firewall

Compared 4% of the time

Meraki MX vs Cisco Secure Firewall

Compared 4% of the time

More Cisco Secure Firewall Competitors

Sophos XG vs Fortinet FortiGate

Compared 23% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 13% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

SonicWall TZ vs Fortinet FortiGate

Compared 5% of the time

Meraki MX vs Fortinet FortiGate

Compared 5% of the time

More Fortinet FortiGate Competitors

Product Reports

Buyer's Guide

Cisco Secure Firewall

March 2025

Download Cisco Secure Firewall product report

Buyer's Guide

Fortinet FortiGate

March 2025

Download Fortinet FortiGate product report

Also Known As

Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

Overview

Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.

The core features of Cisco Secure Firewall are multifaceted:

Advanced threat protection is achieved through a combination of intrusion prevention, malware detection, and URL filtering technologies.
For secure access, the firewall presents multiple options, including VPN, remote access, and single sign-on.
Its network segmentation capability is vital in creating barriers within the network to safeguard critical assets.
The firewall is scalable, effectively serving small businesses to large enterprises.
Management is streamlined through Cisco DNA Center, a central management system.

The benefits of deploying Cisco Secure Firewall are substantial. It significantly reduces the risk of cyberattacks, thereby enhancing the security posture of an organization. This security also translates into increased productivity, as secure access means uninterrupted work. Compliance with industry regulations is another advantage, as secure access and network segmentation align with many regulatory standards. Additionally, it helps in reducing IT costs by automating security tasks and simplifying management processes.

In practical scenarios, Cisco Secure Firewall finds diverse applications. It's instrumental in protecting branch offices from cyberattacks, securing remote access for various stakeholders, safeguarding cloud workloads, and segmenting networks to isolate sensitive areas.

User reviews from PeerSpot reflect an overall positive experience with the Cisco Secure Firewall. Users appreciate its ease of configuration, good management capabilities, robust protection, user-friendly interface, and scalability. However, some areas for improvement include better integration capabilities with other vendors, maturity, control over bandwidth for end-users, and addressing software bugs.

In summary, Cisco Secure Firewall is a comprehensive, versatile, and reliable security solution that effectively meets the security needs of various organizations. It offers a balance of advanced protection, user-friendly management, and scalability, making it a valuable asset in the realm of network security.

Cisco

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Sample Customers

There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

Buyer's Guide

Cisco Secure Firewall vs. Fortinet FortiGate

March 2025

Free Report: Cisco Secure Firewall vs. Fortinet FortiGate

Find out what your peers are saying about Cisco Secure Firewall vs. Fortinet FortiGate and other solutions. Updated: March 2025.

DOWNLOAD NOW

842,767 professionals have used our research since 2012.

See our Cisco Secure Firewall vs. Fortinet FortiGate report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.