Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs ShieldX comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Number of Reviews
316
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Ranking in Firewalls
5th
Average Rating
8.2
Number of Reviews
406
Ranking in other categories
Cisco Security Portfolio (3rd)
ShieldX
Ranking in Firewalls
49th
Average Rating
9.2
Number of Reviews
4
Ranking in other categories
Cloud and Data Center Security (20th), Microsegmentation Software (13th)
 

Mindshare comparison

As of November 2024, in the Firewalls category, the mindshare of Fortinet FortiGate is 19.8%, up from 17.1% compared to the previous year. The mindshare of Cisco Secure Firewall is 5.7%, down from 6.0% compared to the previous year. The mindshare of ShieldX is 0.0%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

DineshKumar28 - PeerSpot reviewer
Sep 25, 2024
Effective threat prevention with responsive customer support
We are using Fortinet FortiGate as a firewall Fortinet FortiGate has been invaluable. It has helped save costs due to its various features, reliable performance, very good UI, low latency, and stability. The Threat Intel engine in Fortinet FortiGate is highly rated for its effectiveness in…
Daniel Going - PeerSpot reviewer
Jun 26, 2022
Is intuitive in terms of troubleshooting, easy to consume, and stable
We use it for data center security for both the north-south and east-west. With Firepower, you get the next-generation functionality and the next-generation firewall features. Traditionally, when you have a layer three access list, it's really tricky to get the flexibility you need to allow staff…
MP
Oct 10, 2019
Proactively monitors, blocks, and reports what it has blocked; and self-updates meaning there is zero maintenance
The most valuable feature is the automatic scaling. With its microservices, it scales both up and down, depending on traffic and throughput. The traffic through our website depends on holiday bookings. It's very quiet in November through January, and then our traffic picks up quite rapidly and, at our peak, we will take in excess of a million pounds of business a day through our website. The UI was also one of the huge selling points. My web development manager was blown away with the detail and the granularity that you can get out of the UI. It is a very strong and informative UI, with the amount of data it provides. Uptime on the system has been 648 days and we do very little to it because it self-updates and alerts. It does everything that we need it to do, so the administration side of it is zero. One of the beauties about ShieldX is that it's such a good "fire-and-forget" product.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are very happy with the general bandwidth agility we have seen from one website to another website."
"We've found the solution to be pretty stable."
"You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances."
"From the firewall perspective, the rules and policies are very sufficient and easy to use."
"I like how we can achieve total integration."
"The email protection and VPN features are the most valuable."
"Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable."
"The scalability of Fortinet FortiGate is good."
"The VPN feature is the most valuable to us because it accomplishes the task well. We're able to do everything we need to do."
"Strong in NAT and access-lists."
"The architecture of FTD is great because it has an in-depth coverage and because it uses the AVC, (Application, Visibility, and Control) and also rate limits. Also, the architecture of fast paths is great."
"Network segmentation is the most valuable feature."
"It integrates with various Cisco security portfolios and products, and there is an easy and seamless integration for building a complete security framework for our customers."
"We use the solution for deep packet inspection, Internet Edge functionality, IDS, and IDP."
"The product offers good scalability."
"The most valuable feature is IPS. It's a feature that's very interesting for tackling the most current attacks."
"The Adaptive Intention Engine is fantastic. It allows us to develop security policies using the language of our internal customers. It's machine-learning applied to security workflows. That allows us to much more easily construct the policies that will protect those workflows."
"We were able to see what devices are talking to each other, giving us more visibility."
"The UI was also one of the huge selling points. My web development manager was blown away with the detail and the granularity that you can get out of the UI. It is a very strong and informative UI, with the amount of data it provides."
"ShieldX has been designed from the very beginning to work well in cloud environments. It understands autoscaling, automation, and auto-configuration. These are the things which are important in today's operating environment."
"It has helped us tighten our security posture. Now, staff can only access things that they should be accessing."
"The most valuable feature is the automatic scaling. With its microservices, it scales both up and down, depending on traffic and throughput."
"...It takes the exact same policies that you would apply to your on-premise environment and enables you to simply apply them to the cloud. It becomes one policy for both on-prem and for the cloud."
 

Cons

"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
"With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic."
"The process of configuring firewall rules appears excessively complex."
"From a reporting perspective, there's room for improvement. They're providing FortiAnalyzer through which one can get some enhancements, but the visibility and reporting still need slight improvement."
"It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier."
"​It needs to improve its ISP load balancing.​"
"I feel that the reporting needs to be improved."
"A memory leakage issue which literally freeze the nodes (we have an HA environment). The issue is still not solved and the only recommendation from Cisco is to reboot the node."
"VPNs are weak as this product still does not support route-based VPNs."
"If I need to download AnyConnect in a rush, it will prompt me for my Cisco login account. Nobody wants to download a client to a firewall that they don't own."
"It is surprising that you need to have a virtual appliance for the Firepower Management Center. It is not good if you have to setup a VMware server just for it."
"Migration with other appliances is not easy. It has to be done manually, and this takes a long time."
"The user interface is too complex for people who are not trained to or certified to engage with the product. The interface should be easier to use."
"The solution could offer better control that would allow the ability to restrictions certain features from a website."
"I would like for them to develop better integration with other security platforms."
"I would like better reports and in-depth reporting."
"There should be a bit more customer care, with regular review meetings on it or regular reports. It would be nice to have a quarterly or biannual review of what ShieldX has blocked."
"They need to be consistent in performance and capabilities over time, given the fact that this is new and I want to see where this goes in the next year or so. As the vendor continues to evolve and add future functionality, we want to make sure that we are still keeping up with the integrations, etc. Time will be the key factor here. The proper support for some of the latest technologies, Docker containers, etc. They need to keep up with threat landscape, so we will see how the security get layered. This is what we are going to be keeping an eye on."
"We are having some issues with their LDAP and integrating it with the Active Directory. We can't seem to set it up."
"With any kind of tool like ShieldX, where you're in the cloud instead of a traditional firewall, you're using CPU resources in those environments to provide the protection. So there's a cost associated with CPU resources. I'm pressing upon them to make the product much more efficient and use less CPUs to do the same thing."
 

Pricing and Cost Advice

"The price of Fortinet FortiGate is reasonable."
"It is not a very costly product if you compare it with other products. The return on investment is also good. If you compare the return of investment and money that you are spending on this product with Palo Alto, Cisco, Check Point, and other solutions, the investment is very less. We are happy with this solution. The optional licenses are there, and you can choose which one you want and which one to avoid."
"The license of Fortinet FortiGate should be reduced."
"The price is fair for what we get with FortiGate."
"Price-wise, it's at a good price point for our market."
"The price of FortiGate is reasonable as I plan to buy new switches. The initial gadgets are already booted, and the pricing seems normal on the market. As for additional costs, I haven't subscribed to many extra features, so I'm only using what I need. Last year, I renewed the support for three years, which can sometimes be expensive but depends on the security benefits and how it helps us."
"Its pricing is fine. It is on a yearly basis. Other than the licensing fee, there is no extra fee."
"The price is high compared to some of the other solutions."
"​It is worth every penny that we have invested in it.​"
"This product requires licenses for advanced features including Snort, IPS, and malware detection."
"Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
"For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
"We used Check Point and the two are comparable. Cost was really what put us onto the ASAs... the price tag for Check Point was exorbitantly more than what it is for the ASA solution."
"They're not too expensive. They're a little more expensive than other products, but you are getting the name, the company, and the support."
"The price of this solution is not good or bad."
"With the bundling mode with Duo licensing, it's now better. It's better to have one simplified global licensing mode, and this is what Cisco has done with bundling. The next-generation firewalls include a set of features such as filtering, emails, and IPS. This combination offers the best way for customers to manage their operating expenses."
"We are very happy with the pricing and licensing. It's about getting a site-wide license. One of the challenges that we've had with our previous vendor had been the cost of licensing."
"ShieldX ensures that we can have the separation needed for our environment to avoid drastically increasing the cost on the licensing side. From this perspective, it's been very positive and helpful."
"For other security professions who are looking for something which is low in cost that does microsegmentation, they should look at ShieldX. It might not be the big name out there, but it does everything that you are looking for in microsegmentation at a very low price."
"We are actually expecting our costs to drop in the coming year, but it is just a matter of the licensing expiring. That is going to happen in the next six months or so. Then, we will start to see a decrease in overall spend."
"Security policies are now applied as applications are going up. Because it's automated, we don't have the three to four week delay. The insertion of applications in the cloud for us dropped from an average of three to four weeks to a couple of days."
"For a three-year deal we paid £55,000 plus tax... But, and this is a big "but," this was over two years ago. ShieldX had only just hit the market. We were the first company in Europe to buy ShieldX."
"ShieldX also enables us to migrate to cloud environments faster. That is an important part of it for sure because it takes the exact same policies that we would apply to our on-premise environment and enables us to simply apply them to the cloud. It becomes one policy for both on-prem and for the cloud."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
815,854 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
15%
Manufacturing Company
6%
Comms Service Provider
6%
Educational Organization
32%
Computer Software Company
15%
Government
5%
Manufacturing Company
5%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
Ask a question
Earn 20 points
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
APEIRO, ShieldX APEIRO
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Iowa State University
Find out what your peers are saying about Cisco Secure Firewall vs. ShieldX and other solutions. Updated: October 2024.
815,854 professionals have used our research since 2012.