Cisco Secure Firewall vs Zscaler Cloud Firewall comparison

Cisco and Zscaler are both solutions in the Firewalls category. Cisco is ranked #7 with an average rating of 8.2, while Zscaler is ranked #26 with an average rating of 8.3. Cisco holds a 6.0% mindshare in Firewalls, compared to Zscaler’s 0.4% mindshare. Additionally, 82% of Cisco users are willing to recommend the solution, compared to 92% of Zscaler users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 16, 2024

Cisco Secure Firewall and Zscaler Cloud Firewall are both leading solutions in the cybersecurity space. Users often see Zscaler Cloud Firewall as the superior product due to its advanced features, despite the higher cost.

Features: Cisco Secure Firewall offers robust security management, excellent integration capabilities, and a high degree of configurability. Zscaler Cloud Firewall provides scalable cloud-native architecture, advanced threat protection, and comprehensive feature sets that exceed those of many competitors.

Room for Improvement: Cisco Secure Firewall needs more intuitive management capabilities, better integration with third-party tools, and smoother software updates. Zscaler Cloud Firewall requires better troubleshooting options, more detailed logging features, and enhanced offline functionality.

Ease of Deployment and Customer Service: Cisco Secure Firewall has straightforward deployment but requires significant initial configuration. Customers rate its service highly. Zscaler Cloud Firewall is reported to have seamless deployment and responsive support, with a slight edge in deployment simplicity and customer service.

Pricing and ROI: Cisco Secure Firewall is generally seen as cost-effective with a quicker return on investment. Zscaler Cloud Firewall, while more expensive, is perceived as offering good value for the price. The better ROI depends on specific needs and budget constraints of the users.

To learn more, read our detailed Cisco Secure Firewall vs. Zscaler Cloud Firewall Report (Updated: April 2025).

Buyer's Guide

Cisco Secure Firewall vs. Zscaler Cloud Firewall

April 2025

Download the complete report

Helped 850,671 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of May 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.4%, up from 17.7% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.0%, up from 5.5% compared to the previous year. The mindshare of Zscaler Cloud Firewall is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls

Featured Reviews

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Efficient, user-friendly, and affordable

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

Read full review

Maharajan S

VSO at a computer software company with 501-1,000 employees

Enhances security with precise access control but has integration challenges

Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.

Read full review

Bhaskar Rao

Network manager admin at Yamaha

Though it helps deal with web traffic or any malicious traffic, it needs to work on its DC performance issues

The product's initial setup phase is moderate in level, so it is neither very complex nor very easy. For the deployment, my company first needs to gather all the requirements of the users and the domain names and consider how many users there are in the company. In the implementation and planning part, my company needs to consider what kind of policies we will create while ensuring that the policies are created based on the requirements of the users. There is a need to segregate the users' requirements since there are separate departments in the company, like the HR department, sales department, IT department, and manufacturing department, so that our company can create policies depending on their requirements. On-site, if you want a GRE tunnel, our company can handle GRE tunnel traffic routing and Zscaler Cloud Firewall, after which Zscaler will take action based on the policies created by our organization. For the deployments and maintenance, a team of five members consisting of two managers and three engineers is required.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."

"Provides good firewall security and has great VPN features."

"Fortinet has a very good solution for Secure SD-WAN. One very good feature is that they have robust and simple FortiOS through which they provide all solutions. That's their strength. There's not much complexity involved with the Secure SD-WAN solution of Fortinet as compared to Cisco's solution, which has a lot of flexibility but complexity also comes with that flexibility."

"I like several features that this product has, such as antivirus and internet navigation inspection. It is also simple to use."

"It has very easy management and an amazing ETM configuration."

"The product offers very good security."

"It is quite easy to handle."

"We are very happy with the general bandwidth agility we have seen from one website to another website."

More Fortinet FortiGate pros

"If configured, Firepower provides us with application visibility and control."

"The features I have found most valuable are the ASA firewalls. I like to have features like most integrated systems in ACI."

"The most valuable features of this solution are the integrations and IPS throughput."

"Most firewalls have a challenge of identifying keywords and providing restricted access, which I encountered. However, Cisco Firewall has very good features, like trusted applications and restricted access for users based on keywords."

"One of the nice things about Firepower is that you can set it to discover the environment. If that is happening, then Firepower is learning about every device, software operating system, and application running inside or across your environment. Then, you can leverage the discovery intelligence to get Firepower to select the most appropriate intrusion prevention rules to use for your environment rather than picking one of the base policies that might have 50,000 IPS rules in it, which can put a lot of overhead on your firewall. If you choose the recommendations, as long as you update them regularly, you might be able to get your rule set down to only 1,000 or 1,500, which is a significant reduction in a base rule set. This means that the firewall will give you better performance because there are less rules being checked unnecessarily. That is really useful."

"If you compare the ASA and the FirePOWER, the best feature with FirePOWER is easy to use GUI. It has most of the same functionality in the Next-Generation FirePOWER, such as IPS, IPS policies, security intelligence, and integration and identification of all the devices or hardware you have in your network. Additionally, this solution is user-friendly."

"I like all of the features."

"The integration and configuration were pretty straightforward."

More Cisco Secure Firewall pros

"It is a stable solution."

"The product’s firewall and VPN package are fantastic compared to any other solution."

"The technical support from Zscaler was excellent."

"Zscaler Cloud Firewall understands the applications in the current generation and adapts to the present generation cloud applications."

"Zscaler is still a very good product."

"Once you have Zscaler running you have access to configure it however you want."

"Zscaler provides effective protection against various cyber threats ensuring a safe environment"

"Most of the features that Zscaler has to offer, we will deploy."

More Zscaler Cloud Firewall pros

Cons

"Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions."

"The process of configuring firewall rules appears excessively complex."

"It needs more available central management."

"You do need some IT knowledge in order to effectively work with the solution."

"Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements. They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security."

"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."

"Though the tool's GUI is user-friendly, it can be considered as an area with certain shortcomings where improvements are required."

"One of the features that I would like to have is to do with endpoint production, it should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not."

More Fortinet FortiGate cons

"Usually, the customers are satisfied, but I am going to recommend that all clients upgrade to FirePOWER management. I want Cisco to improve the feature called anti-spam. We use a Cisco only email solution, that's why we need the anti-spam on email facility."

"One area where the ASA could be improved is that it doesn't have AMP. When you get an ASA with the Firepower model, ASA with FTD, then you have advanced malware protection."

"Some of the features, like the stability, need to be improved."

"When we're looking at full-stack visibility, it can be difficult to get the right information out of Firepower."

"The performance should be improved."

"More intuitive support for SIP services are needed. This took a long time to configure properly for the user."

"We would like to see MS Word BPM as a feature."

"One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility."

More Cisco Secure Firewall cons

"The issue right now is probably that Zscaler is not providing web browser isolation. Another solution, Menlo, offers this. For one customer, we had to send traffic to Menlo to do the isolation for us. It was requested by the customer so that they could integrate any iframe. Zscaler needs to add this type of feature in their next release."

"Certain criteria need to be met if you want to scale this solution."

"There are several areas for improvement. Firstly, the GUI is outdated, with noticeable lags and delays, especially when generating reports for past transactions."

"Its technical support services could be better."

"It would be nice to have some sort of a form factor, a physical form factor perhaps, or virtual machine that you could install on devices or on a cloud, and have some cloud computing."

"Instead of the standard license, they should certainly provide customers with the visibility to access and view the logs."

"When it comes to customer support, there is room for improvement in Zscaler's service."

"Data Leak Prevention is only for web filtering and there is no protection for email."

More Zscaler Cloud Firewall cons

Pricing and Cost Advice

"We just pay a flat monthly fee to the vendor for the support."

"It is more affordable than Check Point and Palo Alto. Another thing is that all the features and the OS remain the same irrespective of the size of the device. Pricing-wise, Fortinet typically provides one-year support with the firewall appliance. There is also an option for three years which is how their licensing works."

"The price of FortiGate is average and I would say that based on the top five products available on the market, it is in the affordable range."

"It's expensive, but compared to the competition it's okay."

"It is too expensive for us. My organization is very small, and we have a total of ten users. We have three internal users and seven external users. The FortiGate 100D series is too expensive for renewing the licenses."

"Pricing is lower than Cisco."

"The pricing depends on the FortiGate model we are using, ranging from $3,000 to $20,000 US dollars."

"The price of Fortinet FortiGate is reasonable for an SME."

More Fortinet FortiGate pricing and cost advice

"Licensing is not only for Secure Firewalls, and it's too complicated."

"In the past, I encountered several difficulties and misunderstandings with Cisco licensing, but now the situation has improved. The Cisco Smart Software portal is an excellent resource for keeping track of, upgrading, and researching information related to Smart Licensing and other relevant topics. It is extremely helpful. Unfortunately, since it is not my money and there is only one vendor, I am unable to provide any comments on the prices. Nevertheless, the system, along with its provision through the Cisco Smart Software portal, as well as the traditional license and subscription models, are excellent and highly beneficial."

"Cisco is considered to be an expensive solution."

"Licensing is expensive compared to other solutions."

"The cost of this solution is high."

"In terms of scalability, it is really expensive. It is scalable, but when it comes to pricing, the upgrading is a bit high."

"The licensing is not as complicated as that for some other Cisco products. There are a couple of tiers of licensing, but the price point is a little too high for the market. There are other vendors that come in lower and offer more for fewer licensing options. They may offer URL filtering or malware filtering with a single license rather than requiring two or three licenses. I think Cisco could do a bit more in this area."

"Pricing is why we had to go for a UTM. For us to achieve what we needed, if we had gone with the ASA, the cost would have been high compared to getting one box (UTM)."

More Cisco Secure Firewall pricing and cost advice

"On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing an eight out of ten."

"It comes at a significantly reduced cost while ensuring control and effectiveness."

"The product is a bit expensive compared to the solutions offered by its competitors, like Palo Alto. There is a need to make yearly payments towards the license in charges associated with the product."

"There is an annual license required for the use of the Zscaler Cloud Firewall."

"The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization."

"There are licensing costs, and I would not say that it's a cheap vendor."

"It is not the most budget-friendly solution, but it's important to consider its overall value."

"It is expensive for small businesses."

More Zscaler Cloud Firewall pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

850,671 professionals have used our research since 2012.

Comparison Review

it_user206346

Security Consultant at Webernetz.net - Network Security Consulting

Mar 11, 2015

Cisco ASA vs. Palo Alto Networks

Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…

Read full review

Top Industries

By visitors reading reviews

Educational Organization

20%

Computer Software Company

14%

Comms Service Provider

Manufacturing Company

Educational Organization

40%

Computer Software Company

13%

Manufacturing Company

University

Computer Software Company

14%

Financial Services Firm

12%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

Which is better - Fortinet FortiGate or Cisco ASA Firewall?

One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...

See all answers

How does Cisco's ASA firewall compare with the Firepower NGFW?

It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...

See all answers

Which is better - Meraki MX or Cisco ASA Firewall?

Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...

See all answers

Which lesser known firewall product has the best chance at unseating the market leaders?

Netscope, Zscaler if they continue route they are on now. FIrewalls needs great deal of automation on each end, datac...

See all answers

What do you like most about Zscaler Cloud Firewall?

The product’s firewall and VPN package are fantastic compared to any other solution.

See all answers

What is your experience regarding pricing and costs for Zscaler Cloud Firewall?

Zscaler Cloud Firewall is quite expensive compared to competitors. However, it offered moderate value for money.

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 22% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 13% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

SonicWall TZ vs Fortinet FortiGate

Compared 5% of the time

Meraki MX vs Fortinet FortiGate

Compared 4% of the time

More Fortinet FortiGate Competitors

Palo Alto Networks WildFire vs Cisco Secure Firewall

Compared 8% of the time

Palo Alto Networks NG Firewalls vs Cisco Secure Firewall

Compared 6% of the time

Netgate pfSense vs Cisco Secure Firewall

Compared 5% of the time

OPNsense vs Cisco Secure Firewall

Compared 4% of the time

Meraki MX vs Cisco Secure Firewall

Compared 3% of the time

More Cisco Secure Firewall Competitors

Azure Firewall vs Zscaler Cloud Firewall

Compared 16% of the time

OPNsense vs Zscaler Cloud Firewall

Compared 10% of the time

Check Point NGFW vs Zscaler Cloud Firewall

Compared 8% of the time

Palo Alto Networks NG Firewalls vs Zscaler Cloud Firewall

Compared 8% of the time

Sangfor NGAF vs Zscaler Cloud Firewall

Compared 4% of the time

More Zscaler Cloud Firewall Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

May 2025

Download Fortinet FortiGate product report

Buyer's Guide

Cisco Secure Firewall

May 2025

Download Cisco Secure Firewall product report

Buyer's Guide

Zscaler Cloud Firewall

April 2025

Download Zscaler Cloud Firewall product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall

No data available

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.

The core features of Cisco Secure Firewall are multifaceted:

Advanced threat protection is achieved through a combination of intrusion prevention, malware detection, and URL filtering technologies.
For secure access, the firewall presents multiple options, including VPN, remote access, and single sign-on.
Its network segmentation capability is vital in creating barriers within the network to safeguard critical assets.
The firewall is scalable, effectively serving small businesses to large enterprises.
Management is streamlined through Cisco DNA Center, a central management system.

The benefits of deploying Cisco Secure Firewall are substantial. It significantly reduces the risk of cyberattacks, thereby enhancing the security posture of an organization. This security also translates into increased productivity, as secure access means uninterrupted work. Compliance with industry regulations is another advantage, as secure access and network segmentation align with many regulatory standards. Additionally, it helps in reducing IT costs by automating security tasks and simplifying management processes.

In practical scenarios, Cisco Secure Firewall finds diverse applications. It's instrumental in protecting branch offices from cyberattacks, securing remote access for various stakeholders, safeguarding cloud workloads, and segmenting networks to isolate sensitive areas.

User reviews from PeerSpot reflect an overall positive experience with the Cisco Secure Firewall. Users appreciate its ease of configuration, good management capabilities, robust protection, user-friendly interface, and scalability. However, some areas for improvement include better integration capabilities with other vendors, maturity, control over bandwidth for end-users, and addressing software bugs.

In summary, Cisco Secure Firewall is a comprehensive, versatile, and reliable security solution that effectively meets the security needs of various organizations. It offers a balance of advanced protection, user-friendly management, and scalability, making it a valuable asset in the realm of network security.

Cisco

Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world. Its flagship services, Zscaler Internet Access and Zscaler Private Access, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the world’s largest cloud security platform, protecting thousands of enterprises and government agencies from cyberattacks and data loss.

Check more details: https://www.zscaler.com/produc...

Zscaler

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.

Zenith Live, Azure, Carlsberg Group

Buyer's Guide

Cisco Secure Firewall vs. Zscaler Cloud Firewall

April 2025

Free Report: Cisco Secure Firewall vs. Zscaler Cloud Firewall

Find out what your peers are saying about Cisco Secure Firewall vs. Zscaler Cloud Firewall and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,671 professionals have used our research since 2012.

See our Cisco Secure Firewall vs. Zscaler Cloud Firewall report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.