We performed a comparison between Cisco Secure Firewall and Palo Alto Networks NG Firewalls based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Firewall is commended for its threat defense, dashboard visibility, seamless integration with other Cisco products, and ease of use. Palo Alto Networks NG Firewalls are highly regarded for their embedded machine learning, robust security capabilities, and intuitive interface.
Both the Cisco Secure Firewall and Palo Alto Networks NG Firewalls have numerous areas for improvement. The Cisco Secure Firewall needs enhancement in network performance, policy administration, advanced features, management interface, patching and bug fixing, integration with other tools, and centralized management. Palo Alto Networks NG Firewalls can improve in terms of customization, next-generation capabilities, rule creation, monitoring interface, bug fixing, configuration simplicity, support processes, ACC tool, IPv6 support, VPN functionality, GUI interface, training materials, SSL inspection, and external dynamic list feature.
Service and Support: Customer opinions on the customer service of Cisco Secure Firewall vary, as some customers appreciate the technical support they receive, while others encounter delays and challenges. Palo Alto Networks NG Firewalls also receive mixed reviews for their customer service. While some customers commend the expertise of their support team, others express frustration with contacting the team and enduring lengthy wait times.
Ease of Deployment: The setup process for Cisco Secure Firewall can be more or less complex depending on the user's familiarity and environment. The initial setup for Palo Alto Networks NG Firewalls is described as simple, uncomplicated, and effortless. Users appreciate its user-friendly and efficient design, with readily available training materials for easy comprehension.
Pricing: Reviewers have differing opinions on the setup cost of Cisco Secure Firewall. Some consider it expensive due to additional expenses for licensing, support, and hardware. Palo Alto Networks NG Firewalls are generally acknowledged to have higher pricing. Reviewers note that Palo Alto Networks offers competitive hardware prices and discounts for multi-year licenses.
Comparison Results: Palo Alto Networks NG Firewalls is the preferred choice when compared to Cisco Secure Firewall. Users find the initial setup of Palo Alto Networks NG Firewalls to be straightforward and easy. Palo Alto Networks NG Firewalls stands out for its embedded machine learning capabilities, strong security features, and user-friendly interface.
"Virtual Domains (VDOMs) are a feature that we found valuable."
"This is an easy solution to deploy."
"The solution is easy to configure and maintain remotely."
"You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it."
"It is easy to use and performs very well."
"Overall, the pricing of the solution is very good. The product offers good value."
"It's quite comfortable to handle the FortiGate firewall."
"The most valuable feature of Fortinet FortiGate is the simple configuration."
"A powerful enterprise security solution that is dependible."
"We find all of its features very useful. Its main features are policies and access lists. We use both of them, and we also use routing."
"I have found the most valuable feature to be the access control and IPsec VPN."
"The grouping of the solutions helps save time. If you have a problem and you have a high-level overview of the system, you can easily dig deeper into the problem. For example, I can check to see why ASA isn't working but the reason for the outage is actually because of Duo. I can spend a lot of time working in the wrong direction because I didn't have an overview."
"The information coming from Talos does a good job... I like the fact that Cisco is working with them and getting the information from them and updating the firewall."
"Cybersecurity resilience has been paramount. Because there is a threat of losing everything if ransomware or another sort of attack were to happen, the cybersecurity resilience has been top-notch."
"Our company operates in Saudi Arabia, primarily working with government sectors. If any hardware malfunctions, the defective device is removed, and we receive a replacement from the reseller. We have not encountered any issues related to delays in receiving replacements for malfunctioning devices which has been beneficial."
"Basic firewalling is obviously the most valuable. In addition to that, secure access and remote access are also very useful for us."
"DNS Security is a good feature because, in the real world with web threats, you can block all web threats and bad sites. DNS Security helps to prevent those threats. It's also very helpful with Zero-day attacks because DNS Security blocks all DNS requests before any antivirus would know that such requests contain a virus or a threat to your PC or your network."
"Palo Alto Networks NG Firewalls enable efficient application search, viewing, and configuration access across various services for different user groups within our company."
"The feature that I like the most is its IPS model, the WildFire model. I really like how the whole threat protection model functions, including the vulnerability and anti-spyware aspects. That is really awesome."
"IoT security is most valuable in the current version. Content IDs, DDoS protection, zone protection, and DLP are the most prominent features in Palo Alto Networks NG Firewall. It is easier to configure than other solutions."
"The solution does a great job of identifying malicious items and vulnerabilities with URL filtering."
"The most important feature is the firewall. We can make rules to filter the application layer of traffic. It's a very helpful feature."
"The most valuable feature is WildFire, which blocks sophisticated attacks and distinguishes it from other traditional firewall functions."
"We like the fact that this product can provide multiple layers of protection depending on our clients requirements, and can be configured to whatever level of protection and the specific protocols that they want."
"To some degree, it's almost a question as to why some of this stuff isn't simpler. For example, for an AP deployment, while it's integrated, the number of steps that you have to go through in order to get the AP up, seems like a lot."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"I think they need to improve more in order to be a competitor with the leaders of the field."
"The solution lacks multi-language support."
"The reports are very basic."
"A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer."
"If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."
"They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."
"In my experience, a number of engineers get tunnel vision with devices. This is exacerbated by vendors fostering a silo mentality in disciplines."
"One of the few things that are brought up is that for the overall management, it would be great to have a cloud instance of that. And not only just a cloud instance, but one of the areas that we've looked at is using an HA type of cloud. To have the ability to have a device file within a cloud. If we had an issue with one, the other one would pick up automatically."
"The inclusion of an autofill feature would improve the ease of commands."
"We would like to see improvement in recovery. If there is an issue that forces us to do recovery, we have to restart or reboot. In addition, sometimes we have downtime during the maintenance windows. If Cisco could enhance this, so that upgrades would not necessarily require downtime, that would be helpful."
"Cisco wasn't first-to-market with NGFWs... they should look at what other vendors are doing and try not only to be on the same wavelength but a little bit better."
"There is room for improvement in the stability or software quality of the product. There were a few things in the past where we had a little bit of a problem with the product, so there is room for improvement."
"Most of the time, when I try to run Java, it is not compatible with ASA's current operating systems."
"I think they need to review their whole UI because it feels like it was created by a whole bunch of different teams of developers who didn't fully talk to each other. The net policy screen is just a mess. It should look like the firewall policy screen, and they should both act the same, but they don't. I feel like it's two different buildings or programming, who don't talk to each other, and that really annoys me."
"We would like to see improvement in the web interface for this solution, so that it can handle updates without manual intervention to put the data in order."
"In the cloud, the HA could be a lot better. Its price could also be better. It is very expensive."
"The first level of support will usually do nothing for you. If you're an IT company, you're not looking for level one support. You need to escalate. Other vendors have a direct support line for enterprise clients, but not Palo Alto."
"There has been a recent change in the graphical interface. For the monitoring part, they could have a better UI."
"I think they need to have a proper hardware version for a smaller enterprise. We had to go to a very high-end version which is very expensive. If we chose the lower-end version, it would not meet our goals. A middle-end is missing in its portfolio."
"The analytics could be improved."
"The solution doesn't support routing in virtual firewall creation, and we want that to be enabled."
"They can improve the handling and management of User-ID. They should also improve its price. Their technical support can also be improved."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 162 reviews. Cisco Secure Firewall is rated 8.2, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and OPNsense. See our Cisco Secure Firewall vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Pricewise Cisco. But PA has better rating.
Palo Alto is better.
In my Oppinion, Palo Alto is better than Cisco. You can refer in NSS Lab 2018 & 2019 DCSG-SVM, NSS-labs-NGIPS-Comparative-Report, and some report from Forester about Zero Trust Architecture, and Gartner SASE report to discus more advantages of Palo Alto in the future