Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Zscaler Cloud Firewall comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
318
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Ranking in Firewalls
7th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
409
Ranking in other categories
Cisco Security Portfolio (4th)
Zscaler Cloud Firewall
Ranking in Firewalls
24th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
17
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.1%, up from 17.7% compared to the previous year. The mindshare of Cisco Secure Firewall is 5.8%, up from 5.5% compared to the previous year. The mindshare of Zscaler Cloud Firewall is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Maharajan S - PeerSpot reviewer
Enhances security with precise access control but has integration challenges
Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.
Bhaskar Rao - PeerSpot reviewer
Though it helps deal with web traffic or any malicious traffic, it needs to work on its DC performance issues
The product's initial setup phase is moderate in level, so it is neither very complex nor very easy. For the deployment, my company first needs to gather all the requirements of the users and the domain names and consider how many users there are in the company. In the implementation and planning part, my company needs to consider what kind of policies we will create while ensuring that the policies are created based on the requirements of the users. There is a need to segregate the users' requirements since there are separate departments in the company, like the HR department, sales department, IT department, and manufacturing department, so that our company can create policies depending on their requirements. On-site, if you want a GRE tunnel, our company can handle GRE tunnel traffic routing and Zscaler Cloud Firewall, after which Zscaler will take action based on the policies created by our organization. For the deployments and maintenance, a team of five members consisting of two managers and three engineers is required.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The features that we have found most valuable are the SSL VPN and the User Portal."
"FortiGate firewalls are user-friendly, and I like the security profiling features."
"It is a good source for firewall protection."
"Fortinet FortiGate's ease of management is the most valuable feature."
"The multi-tenancy feature is most valuable. It integrates very well with FortiManager and FortiAnalyzer."
"The most valuable feature is the ease of use."
"We use the filtering feature the most. It has filtering and inbuilt securities. We can create customized rules to define which users can access a particular type of site. We can create policies inside the firewall."
"I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over."
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals."
"The IPS, as well as the malware features, are the two things that we use the most and they're very valuable."
"The greatest benefit for the organization is the confidence that we are secured."
"It's a flexible solution."
"Ease of configuration: It has gotten a lot easier to configure compared to the original Cisco Pix."
"We use the solution for deep packet inspection, Internet Edge functionality, IDS, and IDP."
"The solution is scalable."
"The visibility and log availability offered are highly valued for troubleshooting purposes, and this is a key factor driving customer interest in the firewall module."
"Includes advanced tech protection."
"If malicious traffic attacks our on-premises servers, then it gets blocked by Zscaler Cloud Firewall."
"The scalability is okay. We have around 2200 people using this solution."
"Once you have Zscaler running you have access to configure it however you want."
"I like the ease of deployment and its flexibility. We don't need to deal with license, quotes, procurement, delivery, and installation. Everything is software-based, and it's very easy to operate."
"The initial setup is straightforward."
 

Cons

"One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support."
"The process of configuring firewall rules appears excessively complex."
"There are some problems that support cannot give you a logical reason as to why it happened. For example, I had a case where I was dealing with a WhatsApp application that was giving issues. Technical support gave more than one reason it could be giving issues, but none of them solved the problem. Eventually I solved the problem, but it was far from the solutions that support had given."
"Technical support needs to be improved."
"We'd like more management across other integrations."
"They should improve the interface to make it more user-friendly."
"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls."
"In the future, I would like to see improvements made to cloud-based management."
"We wanted to integrate Firepower with our solution, but it didn't have the capability to accommodate our bandwidth since they only had two 10 gig interfaces on the box. We run way more than that through our network because we are a service provider, providing Internet to our customers."
"For what we use it for, it ends up being the perfect product for us, but it would help if they could expand it into some of the other areas and other use cases working with speeding up and the reliability of the pushes from the policy manager."
"Cisco Secure Firewall should be easier to handle. It uses ASDM, which is not easy to understand. It would be better if there was direct access via HTTPS."
"They need a user-friendly interface that we could easily configure."
"The initial setup can be a bit complex for those unfamiliar with the solution."
"If I need to download AnyConnect in a rush, it will prompt me for my Cisco login account. Nobody wants to download a client to a firewall that they don't own."
"When you make any changes, irrespective of whether they are big or small, Firepower takes too much time. It is very time-consuming. Even for small changes, you have to wait for 60 seconds or maybe more, which is not good. Similarly, when you have many IPS rules and policies, it slows down, and there is an impact on its performance."
"The Cisco Firewall UI could be improved."
"Pricing is a challenge."
"The product could improve its integration with some legacy systems."
"They do not provide a few components that are fundamental to differentiate the products"
"Certain criteria need to be met if you want to scale this solution."
"Because it's on cloud, it doesn't allow application of extra settings."
"I don't have the visibility of a control dashboard or a network management system."
"Instead of the standard license, they should certainly provide customers with the visibility to access and view the logs."
"When it comes to customer support, there is room for improvement in Zscaler's service."
 

Pricing and Cost Advice

"There is a subscription-based model to use Fortinet FortiGate. We pay annually for the solution along with the support. If you want to have all the updates, and security patches you will need to renew your support."
"If the customer is looking for SD-WAN, it comes free with FortiGate."
"The pricing is fair."
"Fortigate's pricing is competitive."
"As far as I'm aware, in our case, it's just a yearly pricing arrangement with no additional licensing costs."
"In the Asian economy in which we operate, FortiGate is expensive."
"The price of Fortinet FortiGate could improve, it is expensive."
"The price of Fortinet FortiGate is affordable. Most of our customers are on a three-year license to use the solution. All the features and support are included in the price."
"I'd say it's probably well-priced."
"Everything with Cisco is expensive. My advice is that there are a lot better options out in the market now."
"With the bundling mode with Duo licensing, it's now better. It's better to have one simplified global licensing mode, and this is what Cisco has done with bundling. The next-generation firewalls include a set of features such as filtering, emails, and IPS. This combination offers the best way for customers to manage their operating expenses."
"Although I am not directly involved in dealing with the pricing aspect of the Cisco Secure Firewall, I know that the licensing has improved over the years."
"Their pricing is very aggressive and good. Even a small company can afford it. I am happy with its pricing. Its licensing is on a yearly basis."
"Pricing depends on partnerships and certifications."
"It is a great solution for medium or big enterprises, not so much for small businesses, mainly due to the financial costs."
"The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
"The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization."
"There is an annual license required for the use of the Zscaler Cloud Firewall."
"It comes at a significantly reduced cost while ensuring control and effectiveness."
"It is expensive for small businesses."
"There are licensing costs, and I would not say that it's a cheap vendor."
"The product is a bit expensive compared to the solutions offered by its competitors, like Palo Alto. There is a need to make yearly payments towards the license in charges associated with the product."
"On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing an eight out of ten."
"Zscaler is priced too high compared to the cost of Fortinet."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
22%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Educational Organization
42%
Computer Software Company
13%
Manufacturing Company
4%
Government
4%
Computer Software Company
12%
Financial Services Firm
12%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
Which lesser known firewall product has the best chance at unseating the market leaders?
Netscope, Zscaler if they continue route they are on now. FIrewalls needs great deal of automation on each end, datac...
What do you like most about Zscaler Cloud Firewall?
The product’s firewall and VPN package are fantastic compared to any other solution.
What is your experience regarding pricing and costs for Zscaler Cloud Firewall?
The product is a bit expensive compared to the solutions offered by its competitors, like Palo Alto. There is a need ...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Zenith Live, Azure, Carlsberg Group
Find out what your peers are saying about Cisco Secure Firewall vs. Zscaler Cloud Firewall and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.