We performed a comparison between Cisco Secure Firewall vs Palo Alto Network Wildfire based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, with all other factors being more or less equal, Cisco Secure Firewall comes in a bit ahead of Palo Alto simply because of their stronger support.
"The secure web gateway module and the application control module are valuable. HA operations are very easy."
"The initial setup is straightforward."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"The notable features that I have found most valuable are that it includes the antivirus, and also IPS, and even SD-WAN."
"Fortinet has a very good solution for Secure SD-WAN. One very good feature is that they have robust and simple FortiOS through which they provide all solutions. That's their strength. There's not much complexity involved with the Secure SD-WAN solution of Fortinet as compared to Cisco's solution, which has a lot of flexibility but complexity also comes with that flexibility."
"The most valuable feature of this solution is Quota."
"The network security and cloud security are most valuable."
"Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible."
"The features I have found most valuable are the ASA firewalls. I like to have features like most integrated systems in ACI."
"Firepower has reduced our firewall operational costs by about 25 percent."
"ASA is stable and with a low level of work required on the maintenance side."
"It makes it very easy to have delineated roles and responsibilities between network engineering and network security."
"It helped us a lot with our VPNs for the home office during COVID. There has been more security and flexibility for VPNs and other applications."
"With the pandemic, people began working from home. That was a pretty big move, having all our users working from a home. More capacity needed to be added to our remote VPN. ASA did this very well."
"So far, it has been very stable."
"It is much better than most of the other firewalls that I have worked with."
"It has a user-friendly interface."
"What I like about Palo Alto is that it is a complete product, with everything in it."
"The most valuable feature is the improved security that it offers."
"My primary use case for this solution is for a secure gateway."
"Whole team can use the firewall and understand it."
"High availability with active-active and active-passive modes."
"The solution is easy to use and the Panorama feature is good. The software management or the malware blocking and some authentication management system are good."
"Detailed reporting on analysis of content. The inspections are easily applied to security policy profiles and profile groups, and may be assigned on a per-rule basis."
"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls."
"When we cluster the two Fortinet FortiGate boxes together we have some issues."
"The price of FortiGate should be reduced because there are some other leading products that are cheaper."
"I would like to see improvements in the product's application rules."
"Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor."
"This product could be improved with Active directory integration and better handling in IPsec and GRE Tunnels."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision."
"Cisco missed the mark with all the configuration steps. They are a pain and, when doing them, it looks as if we're using a very old technology — yet the technology itself is not old, it's very good. But the front-end configuration is very tough."
"Setting it up is not as intuitive as other more modern NGFWs."
"Sometimes, it is not easy to troubleshoot. You need to know where to go. It took me quite awhile. It's like, "Okay, if it doesn't go smoothly here, then go find the documentation." Once you do it, it is not so bad. However, it is sometimes a steep learning curve on the troubleshooting part of it."
"They could improve by having more skilled, high-level engineers that are available around the clock. I know that's an easy thing to say and a hard thing to do."
"The policies module in FMC specifically isn't the most user-friendly. Coming from Cisco ASA, Cisco ASA is a little bit easier to use. When you get into particularly complex deployments where you have a lot of different interfaces and all that kind of stuff, it's a little bit tricky. Some usability improvements there would be nice."
"The access layer of this solution could be improved in terms of the way the devices interconnect with our network. We need to be able to analyze the traffic between the different interconnection in these areas."
"I would like it to be easier to work with and have a better user interface. It is not straightforward. You need to know the Cisco command-line interface."
"Most users do not have awareness of this product's functionality and features. Cisco should do something to make them aware of them. That would be quite excellent and useful to organizations that are still using legacy data-center-security products."
"High availability features are lacking."
"It's not really their problem, it's a problem across the board. There will always be problems with interrupted traffic. We have to set it up where we're playing a middle man game where we're stripping it out, looking at it, and then putting it back together and sending it on its way. That requires CPU cycles. And there's some overhead with that."
"The only problem with this solution is the cost. It's expensive."
"I would like to see them continue on their developmental roadmap for the product."
"Other vendors have some sort of bandwidth management built into the firewall itself and Palo Alto is missing that."
"In the future, Palo Alto could reduce the time it takes to process the file."
"The GUI is better in 8.0, but I still feel it lacks the fast response most of us desire. Logs are much quicker."
"The threat intelligence that we receiving in the reporting was not as expected. We were expecting more. Additionally, we should be able to whitelist a specific file based on a variety of attributes."
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Palo Alto Networks WildFire is ranked 3rd in Advanced Threat Protection (ATP) with 58 reviews. Cisco Secure Firewall is rated 8.2, while Palo Alto Networks WildFire is rated 8.4. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Palo Alto Networks WildFire writes "Good technical support and provides automatic analysis that saves us time in filtering email". Cisco Secure Firewall is most compared with Netgate pfSense, Meraki MX, Sophos XG, Palo Alto Networks NG Firewalls and Juniper SRX Series Firewall, whereas Palo Alto Networks WildFire is most compared with Juniper SRX Series Firewall, Proofpoint Email Protection, Fortinet FortiSandbox, Check Point SandBlast Network and Zscaler Internet Access.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.