No more typing reviews! Try our Samantha, our new voice AI agent.

Arista Edge Threat Management NG Firewall vs Cisco Secure Firewall comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 5, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Arista Edge Threat Manageme...
Ranking in Firewalls
41st
Average Rating
7.2
Reviews Sentiment
6.6
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Cisco Secure Firewall
Ranking in Firewalls
3rd
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
464
Ranking in other categories
Cisco Security Portfolio (2nd)
 

Mindshare comparison

As of July 2026, in the Firewalls category, the mindshare of Arista Edge Threat Management NG Firewall is 0.3%, up from 0.1% compared to the previous year. The mindshare of Cisco Secure Firewall is 7.6%, up from 6.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls Mindshare Distribution
ProductMindshare (%)
Cisco Secure Firewall7.6%
Arista Edge Threat Management NG Firewall0.3%
Other92.1%
Firewalls
 

Featured Reviews

TarunKumar11 - PeerSpot reviewer
Global Leadership Council at a tech company with 10,001+ employees
Secure internet access has reduced threats and simplifies firewall management for distributed teams
Threat detection needs improvement; Arista Edge Threat Management NG Firewall should follow Alto and Fortinet. One limitation that I've seen is AI-driven automation which needs to vastly improve. It has fewer third-party integrations, and therefore the adoption amongst very large enterprises is less; it's largely with the SMBs. Customer support can be improved. It's a smaller global footprint that Arista provides, with fewer certified partners in some regions and limited 24/7 support for premium vendors. I've categorically mentioned that it has sophisticated threat detection capabilities but they can be bettered. AI-driven automation can be improved, and therefore, I think the adoption with large enterprises can be much better. I think the current AI capabilities of Arista Edge Threat Management NG Firewall are a bit limited compared to other vendors. It primarily relies on threat intelligence feeds, signature-based detection, and reputation services. Currently, I would rate its AI capabilities as probably a seven out of ten because it does not provide for extensive GenAI or advanced ML-driven autonomous capabilities like some of its competitors. Threat intelligence aspects can be further improved, and I think there's a lot that the product can do with respect to the usage of AI. AI-driven automation and threat detection can vastly improve. I don't think they were purchased through AWS Marketplace. The adoption has to increase amongst large customers, and threat intelligence needs to improve for many customers to adopt, enhancing the security ecosystem that is relatively small.
RajeshKumar - PeerSpot reviewer
Network Consultant at a outsourcing company with 1,001-5,000 employees
Unified policies have strengthened zero-trust demos and automate rapid threat containment
Feedback and Improvement Areas – Cisco Secure Firewall (Customer Perspective) From a customer point of view, there are a few improvement areas observed while positioning Cisco Secure Firewall in competitive scenarios. 1. Dashboard & Visibility Enhancements Customers often compare firewall dashboards across different OEMs during evaluation. * Competing vendors typically provide more feature-rich and visually detailed dashboards. * There is a perception that Cisco dashboards still require enhancement in terms of visualization, consolidated reporting, and built-in analytics. * Some OEMs advertise additional security capabilities clearly within their publicly available data sheets, making competitive positioning easier. In comparison, Cisco sometimes references separate documentation or explains how certain capabilities (such as anti-spam or antivirus functionality) can be achieved through integration or ecosystem components rather than native, built-in features. This creates a perception gap during customer discussions. Improvement Opportunity: * Enhance dashboard capabilities. * Clearly articulate feature availability in public documentation and data sheets. * Reduce dependency on cross-referenced documentation for commonly compared features. 2. Virtual Firewall / Multi-Instance Capabilities in Lower Models Another competitive challenge relates to virtual firewall capabilities. * Several OEMs provide virtual firewall (VDOM-like) functionality in lower-end models. * In Cisco’s portfolio, multi-instance capability typically starts from higher-end platforms such as the 3K series or higher. * Customers looking for smaller deployments with logical segmentation are often forced to consider higher models, resulting in a price jump. Competitors also offer: * Compact hardware models * Dongle-based firewall appliances * Smaller entry-level products with virtual segmentation In Cisco’s case: * To achieve similar multi-instance functionality, customers must opt for higher-tier models. * This creates a significant pricing gap in entry-level or SMB deployments. This pricing difference becomes a key factor when customers compare solutions. If competitors offer a lower-cost model with virtual segmentation, and Cisco requires a higher platform investment, customers may lean toward alternative OEMs. 3. Documentation Gaps – OT Protocol Visibility In our lab environment, we have deployed Cisco Secure Firewall and are using Application Visibility and Control (AVC) for OT network monitoring. Observations: * OT protocols are clearly visible within application visibility. * The firewall successfully identifies and classifies OT traffic. However: * This capability is not clearly mentioned in publicly available documentation. * When a feature is available and functional, it should be explicitly documented in data sheets and feature guides. The need for third-party integration depends on what we are looking for. Here I am saying that the integration with Cisco NAC can be done because RTC functionality is only available with Cisco ISE and the firewall integration. For other ecosystems, if we use a NAC solution that is not Cisco, we can still integrate it for user authentication, such as with VPN user authentication. But in that case, we don't achieve the same functionality, such as RTC with other NAC solutions. This is one aspect. Another part is that if we are using it, it always happens with some NAC solutions because we have Cisco NAC and Cisco firewall; we want consistent policy across the network, whether the user is on-prem or using VPN services. If this is a unified OEM solution, in that case, we require an agent, such as the Cisco Secure Client. That allows us to easily check the posture status of the remote user and connect to the network effortlessly. But if we are using a third-party solution, we can't achieve that. From a SIEM perspective, certain prerequisites must be fulfilled before integration with Cisco Secure Firewall can be completed. The feasibility of integration depends on the capabilities of the SIEM platform. If the SIEM solution supports the required APIs and event handling mechanisms, similar functionality can be achieved. Therefore, integration itself is generally not the challenge; the key consideration is the desired security outcome within the overall ecosystem. If the customer does not have a SIEM solution and intends to automate quarantine actions or enforce restricted access for users, a Network Access Control (NAC) solution becomes mandatory. In this scenario, the recommended NAC solution is Cisco Identity Services Engine (Cisco ISE). Automated quarantine and dynamic access control workflows are dependent on NAC capabilities. From a feature enhancement perspective for Cisco Secure Firewall, deeper NAC-driven integration adds significant value. 1. TrustSec / Tag-Based Policy Enforcement Cisco ISE supports Cisco TrustSec, which enables Security Group Tag (SGT)-based segmentation. * In traditional (legacy) networks, firewall policies are created based on IP addresses. * With TrustSec, policies are defined based on user identity, group membership, and security tags instead of IP subnets. * When users authenticate to the network, Cisco ISE assigns Security Group Tags (SGTs). * These tags are shared with Cisco Secure Firewall. * The firewall then enforces policies based on SGT-to-SGT rules rather than IP-to-IP rules. Benefits: * Significant reduction in the number of firewall rules * Simplified policy management * Improved scalability * Easier implementation of role-based access control This integration enhances operational efficiency and security posture. 2. Rapid Threat Containment (RTC) Another key capability is Rapid Threat Containment (RTC). If Cisco Secure Firewall detects malicious activity—such as malware download attempts identified via signature-based or advanced threat detection—it can notify Cisco ISE about the compromised endpoint. Based on this input: * Cisco ISE can automatically quarantine the user * The endpoint can be moved to a restricted VLAN * Access can be dynamically limited without manual intervention This automated workflow ensures faster response time and reduces the risk of lateral movement within the network. 3. VPN and Posture Assessment This functionality is not limited to wired or LAN users. For VPN users: * Authentication can be integrated with third-party NAC solutions. * However, if posture assessment (device compliance checking) is required in addition to authentication, Cisco ISE integration with Cisco Secure Firewall becomes essential. Cisco ISE enables: * Endpoint posture validation * Dynamic policy assignment * Automated remediation workflows

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Arista Edge Threat Management NG Firewall has positively impacted my organization by reducing botnet attacks."
"Phish Blocker is a valuable feature."
"The product's initial setup phase is easy."
"I would say that if you're a small and medium enterprise or an education institution and you have a distributed organization looking for a cost-effective and easy-to-manage next-generation firewall solution with fairly good security, VPN, filtering, and centralized management, then Arista Edge Threat Management NG Firewall is an excellent choice."
"Cisco Secure Firewall helps organizations improve by making networking easier, as they have provided a graphical user interface for much of the functionality."
"ASA is stable and with a low level of work required on the maintenance side."
"What I like about Cisco is the security zone. By default when you configure it, it gives you a security zone, which other firewalls don't have."
"Cisco ASA firewall is most reliable to protect the network, therefore I switched."
"The return on investment is not going to be restricted to just the box, because nowadays, if you look at the integrated security that Cisco has been heavily investing into, it's not just about ASA doing the firewalling functions."
"I work with Cisco and other partners, but the Cisco team is the best team in our country. When I call them, they always help us."
"The most valuable feature would be the IP blocking. It gets rid of things that you don't need in your environment."
"For us, the most valuable features are the IPX and the Sourcefire Defense Center module. That gives us visibility into the traffic coming in and going out, and gives us the heads-up if there is a potential outbreak or potential malicious user who is trying to access the site. It also helps us see traffic generated by an end device trying to reach out to the world."
 

Cons

"The documentation is not clear."
"The product has a lot to improve in the area of policy implementation."
"Threat detection needs improvement; Arista Edge Threat Management NG Firewall should follow Alto and Fortinet."
"Arista Edge Threat Management NG Firewall can be improved, particularly the user interface, which is not very good, and also the logs, which are not very good."
"It is not the newest, cutting-edge technology"
"I don't see a return on investment with Cisco Secure Firewall; it's more of a needed tool, just something we need to do to get business done, so I'm not really looking at it as a tool that would give us an ROI."
"It needs more tunneling capabilities."
"As it stands currently, Cisco is doing this, but I am not confident enough to say that their QA team is doing as good a job as they should as there have been software releases that were immediately pulled back the same day as they were released."
"It is not easy to configure."
"They should work on making it a little more intuitive for users and not quite as complex. Still, it's a good product."
"The pricing is a bit high."
"The Sandbox and the Web Censoring in this solution need to be improved."
 

Pricing and Cost Advice

"The tool is quite cheap."
"I consider it an averagely-priced tool."
"The cost of the firewalls versus the ROI is okay."
"You get what you pay for. It's always priced based on what you get and what it can handle. It's acceptable."
"In the past, I encountered several difficulties and misunderstandings with Cisco licensing, but now the situation has improved. The Cisco Smart Software portal is an excellent resource for keeping track of, upgrading, and researching information related to Smart Licensing and other relevant topics. It is extremely helpful. Unfortunately, since it is not my money and there is only one vendor, I am unable to provide any comments on the prices. Nevertheless, the system, along with its provision through the Cisco Smart Software portal, as well as the traditional license and subscription models, are excellent and highly beneficial."
"The product is expensive."
"Cisco is expensive, but you do get benefits for the price."
"Always consider what you might need to reduce your wasted time and invest it in other solutions."
"Cisco recently has become very expensive."
"It is pay-as-you-go, so it much cheaper than buying in the plants."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Security Consultant at Webernetz.net - Network Security Consulting
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Construction Company
36%
Comms Service Provider
9%
Healthcare Company
8%
Real Estate/Law Firm
3%
Construction Company
10%
Manufacturing Company
9%
Financial Services Firm
9%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business192
Midsize Enterprise130
Large Enterprise236
 

Questions from the Community

What needs improvement with Arista Edge Threat Management NG Firewall?
Arista Edge Threat Management NG Firewall can be improved, particularly the user interface, which is not very good, and also the logs, which are not very good.
What advice do you have for others considering Arista Edge Threat Management NG Firewall?
My advice to others looking into using Arista Edge Threat Management NG Firewall is that it is effective and accomplishes its purpose. I would rate this product a 7 out of 10.
What is your primary use case for Arista Edge Threat Management NG Firewall?
My main use case for Arista Edge Threat Management NG Firewall is as a perimeter firewall. I use it as a perimeter firewall by protecting internet traffic, specifically user to internet traffic.
Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use Fortinet too...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fortigate is very stable, reliable, and consistent. We like that we can manage the e...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection ...
 

Also Known As

No data available
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall, Cisco Secure Firewall ASA Virtual - BYOL
 

Overview

 

Sample Customers

Information Not Available
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Find out what your peers are saying about Arista Edge Threat Management NG Firewall vs. Cisco Secure Firewall and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.