Try our new research platform with insights from 80,000+ expert users

Check Point NGFW vs Cisco Secure Firewall comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.1
Fortinet FortiGate provides cost-effective security, reducing operational costs and enhancing efficiency with quick ROI for enterprises.
Sentiment score
7.6
Check Point NGFW decreases costs and enhances security, resulting in productivity gains and high user confidence with advanced features.
Sentiment score
7.2
Cisco Secure Firewall offers improved security and efficiency, but cost and ROI vary based on deployment and usage.
Clients are now comfortable and not wasting productive hours on IT support.
The automation part is giving us a cost benefit and speed; we can react faster.
It's a very useful tool to mitigate and protect your enterprise.
This is a time-saving measure because we don't need to deploy a cluster or a firewall each time; we just create a virtual system on the management server using the same appliance.
Incident response time has reduced significantly, and downtime due to network issues has been minimized, leading to an improved return on investment.
I have seen a return on investment with Check Point NGFW in terms of time saved and fewer people needed for operations.
The biggest return on investment when using Cisco Secure Firewall is that there's no waste in any infrastructure cost and licensing costs for us.
From my point of view, the biggest return on investment when using Cisco Secure Firewall is the single pane of glass, which is a huge plus for us.
The biggest return on investment for me when using Cisco Secure Firewall is reliability and robust network design.
 

Customer Service

Sentiment score
6.9
Fortinet FortiGate support varies, praised for responsiveness but criticized for slow responses and regional inconsistencies in efficiency.
Sentiment score
7.1
Check Point NGFW's support is generally positive, with praised expertise, but response time and initial experience vary.
Sentiment score
7.5
Cisco Secure Firewall support is highly rated for knowledgeable assistance, though response times and access vary based on contracts.
They offer very accurate solutions.
The quick resolution of issues with Fortinet FortiGate is due to the support of the company and the fact that the equipment is easy to work with.
I would rate the technical support for Fortinet FortiGate a ten out of ten.
The support team we engaged was knowledgeable and well-versed with the application.
We have escalated issues to Check Point technical support multiple times and have received timely and very good responses.
Even challenging issues like those with VPNs have been resolved efficiently with their help.
I have to provide many logs, yet problems remain unresolved, often requiring workarounds rather than solutions.
I have been working with them on firewalls, wireless, switching, and routing, and the support is the best.
They have expertise and provide solutions for the most difficult problems.
 

Scalability Issues

Sentiment score
7.3
Fortinet FortiGate is scalable with ease of expansion, though hardware integration and sizing can pose challenges for users.
Sentiment score
8.2
Check Point NGFW offers robust scalability with seamless upgrades and high availability, efficiently meeting diverse organizational needs.
Sentiment score
7.2
Cisco Secure Firewall offers scalability and integration, though licensing complexity and scalability challenges in growth may concern some users.
They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.
The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.
We determine sizing based on multiple factors: number of users, available links, traffic types, server count, services in use, and whether services will be published.
If specified correctly, even the smaller boxes offer high session and bandwidth rates, making the solution highly scalable, even up to telco-level requirements.
Scalability must be carefully planned for, considering future growth and user base increases.
They offer multiple solutions from SMBs to enterprise data centers, making it an easily scalable solution with no issues in scalability.
Scalability presents a challenge.
Compared to FortiGate and Palo Alto, it lags in configuration and other aspects.
Even with the highest one, the 4600, we still face issues, particularly when transitioning between screens; it becomes very slow.
 

Stability Issues

Sentiment score
7.8
Fortinet FortiGate is favored for its stability and reliability, with some performance issues resolved through updates and sizing.
Sentiment score
7.9
Check Point NGFW is praised for stability, reliability, proactive updates, and high performance, despite occasional bugs and configuration issues.
Sentiment score
7.2
Cisco Secure Firewall is highly reliable with minimal outages, though occasional upgrade issues are typically fixed with updates.
We're experiencing 99.999% availability consistently.
I would rate the stability of Fortinet FortiGate a ten out of ten.
The solution is very stable.
While the solution is generally stable, there are complications, such as requiring SmartConsole for deployment and upgrades, which can be time-consuming.
I have worked with Check Point products for 15 years and haven't found any stability or performance issues.
The use of Check Point firewalls has helped improve our security posture without any downtime.
We have often encountered split-brain scenarios during failover processes and code upgrades, which have been persistent problems for us.
We work with a cluster with high availability, so if something goes wrong, we have it functioning.
Cisco Secure Firewall offers exceptional performance and stability.
 

Room For Improvement

Fortinet FortiGate users seek improvements in stability, integration, scalability, cost, and advanced features like monitoring and zero-trust technology.
Check Point NGFW faces stability, support, and integration issues, with complex GUI, high costs, and challenging policy management.
Cisco Secure Firewall faces criticism for its complex GUI, high costs, and demands better features, integration, and performance improvements.
Investing in a solution that can accommodate such growth would be more cost-effective than repeatedly purchasing new hardware.
The constant daily revisions necessitate meticulous identification of the relevant documents to prevent the use of outdated information that could jeopardize our environment.
While Fortinet claims to offer a comprehensive network solution, it falls short in addressing computer application issues, particularly server security.
Other products, like FortiGate, are perceived as more intuitive because they are easier to configure from the start.
More granularity and control for threat prevention, especially on the OT side, would be beneficial.
I believe Check Point NGFW can be improved by making its initial configuration and deployment easier in the future because the first-time setup is really hard.
My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time.
Firepower Management Center is quite out of date compared to other vendors.
The integration between Cisco products themselves presents difficulties, such as SD-WAN configuration.
 

Setup Cost

Fortinet FortiGate offers various licensing models, balancing affordability and performance, though renewals can increase costs.
Check Point NGFW pricing is high but feature-rich, requiring negotiation and support; opinions vary on cost-effectiveness.
Cisco Secure Firewall is costly but offers robust support and reliability; licensing complexity can be mitigated by smart licensing.
FortiGate is priced lower than Palo Alto.
Last year, I renewed the support for three years, which can sometimes be expensive but depends on the security benefits and how it helps us.
It is about 20% cheaper.
In comparison to Fortinet and other products, the pricing may be considered high.
Compared to other solutions, the pricing of Check Point NGFW is high.
The perception is that Check Point NGFW is expensive, especially when all software modules are included.
It's good to have them, however, it costs us a lot.
It's considered a premium, but people pay that price for Cisco.
There are a lot of in-place contracts for us that provide the benefit of discounts.
 

Valuable Features

Fortinet FortiGate provides robust security features, user-friendly management, and scalability, making it a preferred choice for organizations.
Check Point NGFW excels with VPN, IPS, centralized management, intuitive interface, and robust threat prevention, enhancing security and performance.
Cisco Secure Firewall provides robust security, scalability, and central management, with intuitive tools for efficient threat protection and network monitoring.
In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable.
FortiGate has helped reduce the risk of cyberattacks that might disrupt our client's production.
These features help reduce our downtime, manage the ISPs, and deploy SLAs for all the website traffic.
The firewall's default behavior of blocking all traffic, including a cleanup rule that blocks everything from external to internal sources, is highly valuable for protecting our network.
The most valuable features in my experience include perimeter firewalling, cloud and mobile security, application control, URL filtering, DLP, threat prevention, intrusion protection, and safeguarding against malware, botnets, and zero-day attacks.
Since implementing it, we have noticed a lot less getting through that maybe other antivirus within firewalls had failed to catch.
What stands out positively about Cisco is their training and support, which has effectively prepared engineers to work with their products.
This is very important to my organization, as we work extensively with security because we are a bank, so we can keep the data safe.
Cisco Secure Firewall allows me to safeguard Layer 7 or Layer 3 and manage the security rules with the business needs of my organization.
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
373
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Check Point NGFW
Ranking in Firewalls
5th
Average Rating
8.8
Reviews Sentiment
7.4
Number of Reviews
324
Ranking in other categories
Unified Threat Management (UTM) (1st)
Cisco Secure Firewall
Ranking in Firewalls
6th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
428
Ranking in other categories
Cisco Security Portfolio (3rd)
 

Mindshare comparison

As of July 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.2%, up from 17.7% compared to the previous year. The mindshare of Check Point NGFW is 3.0%, down from 3.2% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.2%, up from 5.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

Vasu Gala - PeerSpot reviewer
A stable solution with an intuitive interface and quick customer service
I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.
Hailemichael Yigrem - PeerSpot reviewer
Advanced security features enhance threat detection and prevention
Check Point NGFW provides granular application control and detailed visibility over application and user activity. It integrates with the ThreatCloud ecosystem, enabling real-time threat detection and prevention. The User Identity Awareness blade integrates with Active Directory, identifying user traffic sources. Check Point NGFW is highly scalable and has centralized management through SmartConsole, which manages policies, logs, and threat data. It reduced our incidents and decreased the time to analyze cyber threats by 70 percent.
Phil Shiflett - PeerSpot reviewer
Unified policies streamline network management but complex licensing requires attention
Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic. It has the ability to analyze encrypted traffic, and there is potential for more integration with APIs and AI to enhance these capabilities. Cisco Secure Firewall needs improvement in deployment time and the capability to access the CLI during support calls. I often encounter issues when technical support uses a CLI that is not familiar to me while troubleshooting through the GUI. My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time. For the next release, they should look at the features offered by competitors such as Fortinet, including the ability to perform packet capture directly from the interface. If they enhanced their troubleshooting efficiency related to packet capture for each specific rule, it would simplify the process significantly.
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
860,632 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Educational Organization
11%
Comms Service Provider
8%
Manufacturing Company
7%
Educational Organization
34%
Computer Software Company
11%
Financial Services Firm
7%
Comms Service Provider
4%
Educational Organization
31%
Computer Software Company
16%
University
6%
Manufacturing Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
How does Check Point NGFW compare with Fortinet Fortigate?
I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such). -Ch...
Which would you recommend - Azure Firewall or Check Point NGFW?
Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall ...
What do you like most about Check Point NGFW?
Check Point NGFW provides essential security, featuring no-obligation access for secure connections, strong intrusion...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Check Point NG Firewall, Check Point Next Generation Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
Control Southern, Optimal Media
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Find out what your peers are saying about Check Point NGFW vs. Cisco Secure Firewall and other solutions. Updated: June 2025.
860,632 professionals have used our research since 2012.