We performed a comparison between Cisco Secure Firewall and Palo Alto Networks NG Firewalls based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Firewall is commended for its threat defense, dashboard visibility, seamless integration with other Cisco products, and ease of use. Palo Alto Networks NG Firewalls are highly regarded for their embedded machine learning, robust security capabilities, and intuitive interface.
Both the Cisco Secure Firewall and Palo Alto Networks NG Firewalls have numerous areas for improvement. The Cisco Secure Firewall needs enhancement in network performance, policy administration, advanced features, management interface, patching and bug fixing, integration with other tools, and centralized management. Palo Alto Networks NG Firewalls can improve in terms of customization, next-generation capabilities, rule creation, monitoring interface, bug fixing, configuration simplicity, support processes, ACC tool, IPv6 support, VPN functionality, GUI interface, training materials, SSL inspection, and external dynamic list feature.
Service and Support: Customer opinions on the customer service of Cisco Secure Firewall vary, as some customers appreciate the technical support they receive, while others encounter delays and challenges. Palo Alto Networks NG Firewalls also receive mixed reviews for their customer service. While some customers commend the expertise of their support team, others express frustration with contacting the team and enduring lengthy wait times.
Ease of Deployment: The setup process for Cisco Secure Firewall can be more or less complex depending on the user's familiarity and environment. The initial setup for Palo Alto Networks NG Firewalls is described as simple, uncomplicated, and effortless. Users appreciate its user-friendly and efficient design, with readily available training materials for easy comprehension.
Pricing: Reviewers have differing opinions on the setup cost of Cisco Secure Firewall. Some consider it expensive due to additional expenses for licensing, support, and hardware. Palo Alto Networks NG Firewalls are generally acknowledged to have higher pricing. Reviewers note that Palo Alto Networks offers competitive hardware prices and discounts for multi-year licenses.
Comparison Results: Palo Alto Networks NG Firewalls is the preferred choice when compared to Cisco Secure Firewall. Users find the initial setup of Palo Alto Networks NG Firewalls to be straightforward and easy. Palo Alto Networks NG Firewalls stands out for its embedded machine learning capabilities, strong security features, and user-friendly interface.
"Customers want to load balance more than eight lines or six internet lines. FortiGate is the only solution that can accomplish this."
"Security management tool that's easy to integrate and easy to work with. No issues found with its stability and scalability."
"A strong point of FortiGate is the graphical interface is complete and easy to use."
"The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point."
"The base firewall features are quite valuable to us."
"It's quite comfortable to handle the FortiGate firewall."
"In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable."
"Some of the key features of the solution is that it has good reporting, you can receive many details from the connection, for example, clients and website information."
"Very good as a stateful inspection firewall."
"Logging is great. It will show when it reaches its capacity before it is too late, unless you have bursts of traffic."
"The most valuable features are the IPsec VPN and web filtering."
"I like that Cisco Firepower NGFW Firewall is reliable. Support is also good."
"This solution helped us to identify the key areas where we need to focus to block traffic that is malicious to our organization."
"The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals."
"The most valuable feature of this solution is its ability to integrate vertically."
"One of the most valuable features is the AMP. It's very good and very reliable when it comes to malicious activities, websites, and viruses."
"Good functionality and features."
"The ease of use and the ease of configuration of our policies are the most valuable features."
"When we put it on the border, it was blocking everything that we were getting ahead of time, and we weren't getting any hits. This includes URL filtering, spam prevention, and anti-virus."
"Provision of quality training material and the reporting is very good."
"The user experience is good and the configuration is very easy."
"The structure is much faster and more sophisticated than Cisco."
"Palo Alto Networks NG Firewalls provide a unified platform that natively integrates all security capabilities."
"With our High availability pair, we have had no downtime for several years, since it was first put it in production."
"Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs."
"If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox."
"Application management can be improved."
"There are some complex administration tasks in their administration portal. That needs to be improved."
"The user interface could be improved."
"MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA."
"Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."
"The feedback that I have received is that the performance could be better, and the user experience is not as good compared to a previous solution we used. It could be more user-friendly. Of course, it still works fine for our operations."
"it is not very user-friendly for the administration."
"It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way."
"In terms of next-generation capabilities, Cisco is a little behind, and it is way behind the market leaders."
"Multiple WAN connections: Even though you can implement more than one interface to outside connections, it is lacking on load balances, etc."
"The integration between different tools could be improved. For example, with SecureX, I am yet to find out how to forward security events to different tools such as Microsoft Sentinel, which is what we use for log detection."
"One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS."
"The IPS and GUI are outdated."
"It is expensive."
"Support should be improved, wait times can be long."
"The solution is very expensive. There are cheaper options on the market."
"We are not happy with Palo Alto at all. It would be better if they provided more support for the firewall. We have a few pending issues with the configuration for each application. We cannot deploy them yet due to some support-related problems in the firewall. We have deployed a few policies for DNS spoofing and DNS attacks, but we could only block a few IP addresses through the policy. That's DNS security, and we have configured a few policies for DNS spoofing and more. URL categorization and URL filtering are not yet adequately maintained. For example, if you created a few rules in the rule-based configuration and made some rules downstairs, you will lose some of them if you give access upstairs. It's not giving us a proper solution for which route it is using. We need to apply the application-based policies and URL filtering-based policies. It creates more issues because we are not getting good support from the team."
"The level of control and granularity in terms of rule customization could be enhanced. However, compared to our previous solution, Palo Alto provides much better drill-down capabilities."
"I think visibility can be improved."
"There is a tradeoff between security and network performance, as security is always top-notch, but performance can sometimes lag and has room for improvement."
"The SD-WAN product is fairly new. They could probably improve that in terms of customizing it and making the configuration a little bit easier."
"It is a complete product, but the SSL inspection feature requires some improvements. We need to deploy certificates at each end point to completely work out the UTM solutions. If you enable SSL encryption, it is a tedious process. It takes a lot of time to deploy the certificates to all endpoints. Without SSL inspection, UTM features will not work properly. So, we are forced to enable this SSL inspection feature."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 162 reviews. Cisco Secure Firewall is rated 8.2, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and OPNsense. See our Cisco Secure Firewall vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Pricewise Cisco. But PA has better rating.
Palo Alto is better.
In my Oppinion, Palo Alto is better than Cisco. You can refer in NSS Lab 2018 & 2019 DCSG-SVM, NSS-labs-NGIPS-Comparative-Report, and some report from Forester about Zero Trust Architecture, and Gartner SASE report to discus more advantages of Palo Alto in the future