We changed our name from IT Central Station: Here's why

Check Point CloudGuard Network Security vs Cisco ASA Firewall comparison

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Check Point CloudGuard Network Security vs. Cisco ASA Firewall and other solutions. Updated: January 2022.
564,729 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government.""The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard.""Its Snort 3 IPS has better flexibility as far as being able to write rules. This gives me better granularity.""I like the firewall features, Snort, and the Intrusion Prevention System (IPS).""The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate.""I have experience with URL filtering, and it is very good for URL filtering. You can filter URLs based on the categories, and it does a good job. It can also do deep packet inspection.""It's got the capabilities of amassing a lot of throughput with remote access and VPNs.""If configured, Firepower provides us with application visibility and control."

More Cisco Firepower NGFW Firewall Pros →

"The features of the solution which I have found most valuable are its flexibility and agility. It's a fully scalable solution, from our perspective. We can define scaling groups and, based on the load, it will create new instances. It's truly a product which is oriented toward the cloud mindset, cloud agility, and this is a great feature.""We have complete visibility of attacks originating from email including spear-phishing, spoofing, etc.""Check Point is one of the few solutions that pay attention to cloud security. Many others mostly focus on providing on-premises solutions.""The initial setup is pretty easy.""The most valuable feature is that we can use the same manager server that we use on our own Check Point firewalls. We integrated CloudGuard on that manager and we can use the same kind of protections that we use on the on-prem firewalls, like the IPS and antivirus policy. We can have the same kind of protection on the Cloud environment that we have on-premise.""The scalability is very good; again, very user-friendly. I wouldn't even say "user-friendly" because, as long as you deploy it properly, you can kill an EC2 and it will spin up another one right away, within about a minute and a half. And it will be ready for production right away.""What's most valuable to me is that it's a contiguous solution that aligns well with the components that we've relied on and trusted from a traditional hardware, firewall, and unified threat management system. My engineers and analysts don't have to learn another platform. We have already entrusted our security controls to Check Point for perimeter and physical security, and now we can do so at the virtual layer as well, which is key to us.""Auto-scaling and zero touch are valuable features."

More Check Point CloudGuard Network Security Pros →

"We find all of its features very useful. Its main features are policies and access lists. We use both of them, and we also use routing.""The most important feature is the VPN connection.""The command line is the same as it is on the Cisco iOS router.""Everything is all documented in the file or in the command line script that gets uploaded to the device. It gives us great visibility.""The clusters in data centers are great.""The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices.""I like all of the features.""VPN and firewall are good features."

More Cisco ASA Firewall Pros →

Cons
"The solution could offer better control that would allow the ability to restrictions certain features from a website.""We cannot have virtual domains, which we can create with FortiGate. This is something they should add in the future. Additionally, there is a connection limit and the FMC could improve.""It would be great if some of the load times were faster.""The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved.""The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough.""FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it.""It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience.""I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."

More Cisco Firepower NGFW Firewall Cons →

"In case the device is inaccessible due to some issue such as CPU or memory, there is no separate port or hardware partition provided for troubleshooting purposes.""Micro-Segmentation functionality for EAST-WEST traffic is not native and requires integration with a third-party OEM.""I hope that Check Point continues to improve its technical documentation regarding the Check Point CloudGuard IaaS gateway and management system.""I would like to see a step-by-step initial installation of the firewall. That would be really helpful. Like in Oracle appliances, when you start it asks you, what's your current IP address? An initial setup should be a step by step and intuitive process. You click on "begin," it asks you some simple questions. You fill in the blanks - your current IP address, what you want to do, you want to set up a site to site VPN, for example, that kind of thing. That would be the smartest thing to have.""Easier optimization techniques can definitely help with better performance of the OS, as using the vanilla software doesn't actually showcase the real capability of the software.""The solution lacks the capability to scale effectively.""The documentation has been rough. Being able to do it yourself can be hit or miss given the constraints of the documentation.""I think they have pretty much mastered what can be done. There are some nuances like when you fail over from one cluster member to the other, the external IP address takes about two minutes to fail over."

More Check Point CloudGuard Network Security Cons →

"The graphical interface should be improved to make the configuration easier, to do things with a single click.""Cisco ASA is not a next-generation firewall product.""You need to have a little bit of knowledge to be able to configure it. Otherwise, it would be very difficult to configure because there is no GUI. The latest software available in the market has a GUI and probably zero-touch provisioning and auto-configuration. All these things are not available in our version. You need to manually go and configure everything in the switch. In terms of new features, we would definitely want to have URL-based filtering, traffic steering, and probably a little bit steering in the bandwidth based on the per-user level and per-user group. We will definitely need some of these features in the near future.""The graphical interface could be improved. From what I have seen, Fortinet, for example, has a nicer GUI.""It is expensive.""It lacks management. For me, it still doesn't have a proper management tool or GUI for configuration, logging, and visualization. Its management is not that easy. It is also not very flexible and easy to configure. They used to have a product called CSM, but it is no longer being developed. FortiGate is better than this solution in terms of GUI, flexibility, and user-friendliness.""The virtual firewalls don't work very well with Cisco AnyConnect.""The solution has not had any layer upgrades. It does not have layer five and upwards, it only has up to layer four. This has caused some problems for us."

More Cisco ASA Firewall Cons →

Pricing and Cost Advice
  • "Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."
  • "There are additional implementation and validation costs."
  • "Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."
  • "This product requires licenses for advanced features including Snort, IPS, and malware detection."
  • "This product is expensive."
  • "For me, personally, as an individual, Cisco Firepower NGFW Firewall is expensive."
  • "The price of Firepower is not bad compared to other products."
  • "The solution was chosen because of its price compared to other similar solutions."
  • More Cisco Firepower NGFW Firewall Pricing and Cost Advice →

  • "Licensing is simply by the number of hosts that you are looking to protect within your environment. It makes it much easier to ensure that you are covering your environment."
  • "There is flexibility in the different licensing models that are offered."
  • "The pricing is pretty high, not just for your capital, for what you have to pay upfront, but for what you pay for your annual software renewals as well, compared to a lot of other vendors. Check Point is near the top, as far as how much it's going to cost you."
  • "Pricing of CloudGuard is pretty fair when you have a single account. It's comparable with other cloud providers. But for our use case, it got really pricey when we had to deploy multiple CloudGuards on multiple accounts in different regions, because you can't have CloudGuard protecting multiple regions. That's the big thing."
  • "The pricing and licensing have been good. We just had to do a license increase for our portion of it. We had that done within a couple of days. Given the fact that it's purely a software-based license, it ends up being even quicker than doing it for an on-prem firewall."
  • "It is not expensive, but it is a little bit above the middle range. There are other solutions that are a little more expensive than this, but they also have some interesting features."
  • "The price could be better."
  • "You get charged only for what resources you choose and how much traffic actually passes through the firewall, which in turn saves a lot of money."
  • More Check Point CloudGuard Network Security Pricing and Cost Advice →

  • "In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco."
  • "There is room for improvement in the pricing when compared to the market. Although, when you compare the benefits of support from Cisco, you can adjust the value and it becomes comparable, because you usually need very good support. So you gain value there with this device."
  • "When it comes to Cisco, the price of everything is higher. Cisco firewalls are expensive, but we get support from Cisco, and that support is very active."
  • "Cisco is expensive, but you do get benefits for the price."
  • "It's a brilliant firewall, and the fact that it comes with a perpetual license really does go far in terms of helping the organization in not having to deal with those costs on an annual basis. That is a pain point when it comes to services like the ones we have on Fortigate. That's where we really give Cisco firewalls the thumbs up."
  • "The licensing is a bit off because the physical firewall is cheaper than the virtual one. We only have the physical ones as they are cheaper than the virtual ones. We only use the physical firewalls because of the price difference."
  • "Always consider what you might need to reduce your wasted time and invest it in other solutions."
  • "Cisco is considered to be an expensive solution."
  • More Cisco ASA Firewall Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    564,729 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    When you compare these firewalls you can identify them with different features, advantages, practices and… more »
    Top Answer: 
    The Cisco Firepower NGFW Firewall is a very powerful and very complex piece of anti-viral software. When one considers… more »
    Top Answer: 
    It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco… more »
    Top Answer: 
    Check Point has pretty simple solutions, like the virtual appliance which you just download and it is imported into… more »
    Top Answer: 
    The cost is on the higher side, as it is based on workload, hence we need to decide which VPC or workload needs to be… more »
    Top Answer: 
    In terms of what could be improved, we have no support with the current Check Point environment. It ended maybe three or… more »
    Top Answer: 
    One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet… more »
    Top Answer: 
    Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports… more »
    Top Answer: 
    When looking to change our ASA Firewall, we looked into Palo Alto’s WildFire. It works especially in preventing advanced… more »
    Comparisons
    Also Known As
    Cisco Firepower NGFW, Cisco Firepower Next-Generation Firewall, FirePOWER, Cisco NGFWv
    CloudGuard IaaS, Check Point vSEC, CloudGuard IaaS, Check Point Virtual Systems, Check Point CloudGuard Network Security
    Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv
    Learn More
    Overview

    Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
    small/branch offices to high performance data centers and service providers. Available in a wide
    range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
    defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
    Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
    features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
    volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
    for increased performance, high availability configurations, and more.
    Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
    deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
    the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
    can deliver micro-segmentation to protect east-west network traffic.
    Cisco firewalls provide consistent security policies, enforcement, and protection across all your
    environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
    delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
    SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
    greater simplicity, visibility, and efficiency.
    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    Check Point CloudGuard provides unified cloud native security for all your assets and workloads, giving you the confidence to automate security, prevent threats, and manage posture – everywhere – across your multi-cloud environment.

    Cisco ASA firewalls deliver enterprise-class firewall functionality with highly scalable and flexible VPN capabilities to meet diverse needs, from small/branch offices to high performance data centers and service providers. Available in a wide range of models, Cisco ASA can be deployed as a physical or virtual appliance. Flexible VPN capabilities include support for remote access, site-to-site, and clientless VPN. Also, select appliances support clustering for increased performance, VPN load balancing to optimize available resources, advanced high availability configurations, and more.

    Cisco ASAv is the virtualized version of the Cisco ASA firewall. Widely deployed in leading private and public clouds, Cisco ASAv is ideal for remote worker and multi-tenant environments. The solution scales up/down to meet performance requirements and high availability provides resilience. Also, Cisco ASAv can deliver micro-segmentation to protect east-west network traffic.

    Cisco firewalls provide consistent security policies, enforcement, and protection across all your environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables greater simplicity, visibility, and efficiency.

    Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.

    Offer
    Learn more about Cisco Firepower NGFW Firewall
    Learn more about Check Point CloudGuard Network Security
    Learn more about Cisco ASA Firewall
    Sample Customers
    Rackspace, The French Laundry, Downer Group, Lewisville School District, Shawnee Mission School District, Lower Austria Firefighters Administration, Oxford Hospital, SugarCreek, Westfield
    Physicians Choice Laboratory Services, Helvetica Insurance
    There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
    Top Industries
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm16%
    Manufacturing Company8%
    Non Profit8%
    VISITORS READING REVIEWS
    Comms Service Provider33%
    Computer Software Company21%
    Government7%
    Manufacturing Company4%
    REVIEWERS
    Financial Services Firm18%
    Computer Software Company14%
    Government11%
    Healthcare Company7%
    VISITORS READING REVIEWS
    Comms Service Provider30%
    Computer Software Company26%
    Government5%
    Energy/Utilities Company5%
    REVIEWERS
    Financial Services Firm17%
    Comms Service Provider13%
    Manufacturing Company10%
    Computer Software Company7%
    VISITORS READING REVIEWS
    Comms Service Provider35%
    Computer Software Company21%
    Government5%
    Educational Organization4%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise28%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise65%
    REVIEWERS
    Small Business37%
    Midsize Enterprise29%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business8%
    Midsize Enterprise54%
    Large Enterprise38%
    REVIEWERS
    Small Business35%
    Midsize Enterprise26%
    Large Enterprise39%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise16%
    Large Enterprise56%
    Find out what your peers are saying about Check Point CloudGuard Network Security vs. Cisco ASA Firewall and other solutions. Updated: January 2022.
    564,729 professionals have used our research since 2012.

    Check Point CloudGuard Network Security is ranked 8th in Firewalls with 26 reviews while Cisco ASA Firewall is ranked 6th in Firewalls with 62 reviews. Check Point CloudGuard Network Security is rated 8.6, while Cisco ASA Firewall is rated 8.0. The top reviewer of Check Point CloudGuard Network Security writes "Unified Security Management has enabled us to combine our on-prem appliances and cloud environments". On the other hand, the top reviewer of Cisco ASA Firewall writes "Robust solution that integrates well with both Cisco products and products from other vendors". Check Point CloudGuard Network Security is most compared with Fortinet FortiGate, Palo Alto Networks NG Firewalls, Azure Firewall, VMware NSX and Sophos XG, whereas Cisco ASA Firewall is most compared with Fortinet FortiGate, Palo Alto Networks WildFire, Meraki MX and Juniper SRX. See our Check Point CloudGuard Network Security vs. Cisco ASA Firewall report.

    See our list of best Firewalls vendors.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.