Check Point NGFW vs Cisco Secure Firewall comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on Nov 23, 2022

We performed a comparison between Check Point NGFW and Cisco Secure Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of both solutions agree that their initial setup is straightforward.
  • Features: Users of both products are happy with their stability and scalability.

    Check Point users like its central management, and say it is flexible and has good security features. Some users note that its VPN tool is complex to integrate.

    Cisco Secure users say it has good VPN and reporting features and provides very good application visibility and control. Several users mention that its interface can be a bit overwhelming.

  • Pricing: Most Check Point users feel that it is fairly priced. Cisco Secure users feel that it is an expensive product.
  • ROI: Users of both solutions report being satisfied with the ROI.
  • Service and Support: Some Check Point users feel that the support should improve. Cisco Secure users report being very satisfied with the level of support they receive.

Comparison Results: Check Point users are happier with its VPN and with its pricing. However, Cisco Secure users are happier with its service and support.

To learn more, read our detailed Check Point NGFW vs. Cisco Secure Firewall Report (Updated: January 2023).
672,411 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It creates granular security policies based on users or groups to identify, block or limit the usage of web applications.""The Network Address Translation (NAT) will always be a valuable feature as it allows me to turn my private cloud to the public at the click of a button and have secure control over the accessible servers/applications.""Its size does not limit the great power of perimeter security that this technology provides.""We have all the features we want or need in this appliance. It's been good so far.""By far, it's the best security solution one can adopt for their organization.""We have found the solution to be scalable.""I love the redesigned interface starting with R80 as well as the ability for multiple engineers to work on the policy simultaneously.""Its auditing features are good for checking who did what changes and when."

More Check Point NGFW Pros →

"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well.""I like the ASDM for the firewall because it is visual. With the command line, it is harder to visualize what is going on. A picture is worth a thousand words.""The remote VPN and IPsec VPN or site-to-site VPN features are valuable. The clustering feature is also valuable. We have two ISP links. Whenever there is a failover, users don't even get to know. The transition is very smooth, and the users don't notice any latency. So, remote VPN, site-to-site VPN, and failover are three very powerful features of Cisco ASA.""Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch.""I like the IPS feature, it is the most valuable.""The technical support is excellent. I would rate it as 10 out of 10. When there has been an issue, we have had a good response from them.""The product is quite robust and durable.""The most valuable feature would be the IP blocking. It gets rid of things that you don't need in your environment."

More Cisco Secure Firewall Pros →

Cons
"The firewall throughput or performance reduces drastically after enabling each module/blade.""Support cases have been generated several times, and it takes time for the case to be resolved.""The complexity could be fixed. It's a bit complex to set up, for example.""The price is middling. It's much more expensive than Fortinet, although not so expensive when compared with Palo Alto.""When you want to open the gateway by double-clicking on the interface, sometimes it can cause silly problems such as freezing.""There is no email security.""There should be better integration with our current NAC solution to increase the granularity of policies that we implement.""The only downside to Check Point, is, due to the vast expanse of configurable options, it does become easily overwhelming."

More Check Point NGFW Cons →

"An area for improvement is the graphical user interface. That is something that is coming up now. They could make the product more user-friendly. A better GUI is something that would make life much easier.""I would like to see them update the GUI so that it doesn't look like it was made in 1995.""I think the ASA layer is thin. It's always Layer 3 or Layer 4 source controller and doesn't control the Layer 7 traffic. It's important, and you'll need an additional firewall.""The access layer of this solution could be improved in terms of the way the devices interconnect with our network. We need to be able to analyze the traffic between the different interconnection in these areas.""The visibility for VPN is one big part. The policy administration could be improved in terms of customizations and flexibility for changing it to our needs.""We are replacing ASA with FTD which offers many new features not available using ASA.""Cisco wasn't first-to-market with NGFWs... they should look at what other vendors are doing and try not only to be on the same wavelength but a little bit better.""It doesn't have Layer 7 security."

More Cisco Secure Firewall Cons →

Pricing and Cost Advice
  • "The cost of the pricing and licensing are okay. They are giving me a good product as far as I know. It is more expensive than Cisco, but cheaper than Palo Alto, which is fine. It has many good features, so it deserves a good price as well."
  • "They sell it in one box. In that one box, they sell Antivirus and Threat Prevention. They have everything, so we are not required to purchase additional IPS hardware for it."
  • "It is more expensive than Cisco ASA but cheaper than Palo Alto."
  • "Each blade requires that you have a license."
  • "The price of Check Point is lower than Palo Alto but higher than Cisco ASA."
  • "The price of this product is not too costly and you do not need to pay for all of the features."
  • "The vendor has a very flexible licensing approach."
  • "Check Point should provide some basic license for mobile access VPN by default, for at least five to ten users."
  • More Check Point NGFW Pricing and Cost Advice →

  • "The price for Firepower is more expensive than FortiGate. The licensing is very complex. We usually ask for help from Solutel because of its complexity. I have a Cisco account where I can download the VPN client, then connect. Instead, I create an issue with Solutel, then Solutel solves the case."
  • "I know that licensing for some of the advanced solutions, like Intrusion Prevention and Secure Malware Analytics, are nominal costs."
  • "It is affordable. The hardware is not that expensive anymore. It is a matter of licensing these days."
  • "Cisco is not for a small mom-and-pop shop because of the cost, but if you're in a regulated industry where a breach could cost you a million dollars, it's a bargain."
  • "I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
  • "We are happy with its price. Licensing is on a yearly basis for technical support. There is one license for technical support. There is another license for IP Version 2 VPN and IPS."
  • "I am happy with the product in general, including the pricing."
  • "Their pricing is very aggressive and good. Even a small company can afford it. I am happy with its pricing. Its licensing is on a yearly basis."
  • More Cisco Secure Firewall Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    672,411 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such). -Check Point GUI is a bit complicated,  -Application and Web filtering are better… more »
    Top Answer:Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall cloud platform, autoscaling, and the ability for users to create virtual IP… more »
    Top Answer:The central management console has helped with segregation, where planned interventions with management consoles do not have any impact on production or critical business traffic.
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use… more »
    Top Answer:One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fortigate is very stable, reliable, and consistent. We like that we can manage the… more »
    Top Answer:It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection and… more »
    Ranking
    4th
    out of 48 in Firewalls
    Views
    27,887
    Comparisons
    19,202
    Reviews
    159
    Average Words per Review
    571
    Rating
    8.9
    2nd
    out of 48 in Firewalls
    Views
    96,842
    Comparisons
    63,474
    Reviews
    90
    Average Words per Review
    860
    Rating
    8.3
    Comparisons
    Also Known As
    Check Point NG Firewall, Check Point Next Generation Firewall
    Cisco ASA Firewall, Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Cisco ASA, Adaptive Security Appliance, ASA, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
    Learn More
    Overview

    Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.

    Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.

    Benefits of Check Point's Next Generation Firewall

    • Robust security: Check Point NGFW delivers the best possible threat prevention with SandBlast Zero Day protection. The SandBlast protection agent constantly inspects passing network traffic for exploits and vulnerabilities. Suspicious files are then emulated in a virtual sandbox in order to detect and report malicious behavior.

    • Security at hyperscale: On-demand hyperscale threat prevention performance provides cloud level expansion and resiliency on premises.

    • Unified management: Check Point's SmartConsole makes it easy to manage and configure network security environments and policies. With the SmartConsole, users can manage all the firewall gateways and access logs and install databases from one location. Unified management control across the network increases the efficiency of security operations and reduces IT costs.
    • Continuous logging: Check Point NGFW’s Threat Management feature detects vulnerabilities and logs them. Using the logged data, users can easily create and implement efficient security policies.

    • Remote access: The remote access VPN provides a seamless connection for remote users.

    Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.

    Reviews from Real Users

    Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.

    Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."

    G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”

    Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”

    The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated- leading to the strongest security posture available today and tomorrow.

      From your data center, branch offices, cloud environments, and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world class security controls everywhere you need them.

      Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise, and stop threats faster.

      Offer
      Learn more about Check Point NGFW
      Learn more about Cisco Secure Firewall
      Sample Customers
      Control Southern, Optimal Media
      There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
      Top Industries
      REVIEWERS
      Financial Services Firm24%
      Computer Software Company15%
      Comms Service Provider7%
      Government7%
      VISITORS READING REVIEWS
      Computer Software Company19%
      Comms Service Provider16%
      Financial Services Firm8%
      Government7%
      REVIEWERS
      Financial Services Firm16%
      Comms Service Provider13%
      Computer Software Company9%
      Government8%
      VISITORS READING REVIEWS
      Computer Software Company20%
      Comms Service Provider17%
      Government8%
      Educational Organization5%
      Company Size
      REVIEWERS
      Small Business28%
      Midsize Enterprise19%
      Large Enterprise53%
      VISITORS READING REVIEWS
      Small Business25%
      Midsize Enterprise19%
      Large Enterprise56%
      REVIEWERS
      Small Business35%
      Midsize Enterprise25%
      Large Enterprise40%
      VISITORS READING REVIEWS
      Small Business28%
      Midsize Enterprise18%
      Large Enterprise53%
      Buyer's Guide
      Check Point NGFW vs. Cisco Secure Firewall
      January 2023
      Find out what your peers are saying about Check Point NGFW vs. Cisco Secure Firewall and other solutions. Updated: January 2023.
      672,411 professionals have used our research since 2012.

      Check Point NGFW is ranked 4th in Firewalls with 163 reviews while Cisco Secure Firewall is ranked 2nd in Firewalls with 91 reviews. Check Point NGFW is rated 9.0, while Cisco Secure Firewall is rated 8.2. The top reviewer of Check Point NGFW writes "Centrally managed, good antivirus and attack prevention capabilities, knowledgeable support". On the other hand, the top reviewer of Cisco Secure Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". Check Point NGFW is most compared with Fortinet FortiGate, Palo Alto Networks NG Firewalls, Azure Firewall, pfSense and OPNsense, whereas Cisco Secure Firewall is most compared with Fortinet FortiGate, Meraki MX, Palo Alto Networks WildFire, pfSense and Sophos XG. See our Check Point NGFW vs. Cisco Secure Firewall report.

      See our list of best Firewalls vendors.

      We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.