We performed a comparison between Cisco Secure Firewall and Palo Alto Networks NG Firewalls based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Firewall is commended for its threat defense, dashboard visibility, seamless integration with other Cisco products, and ease of use. Palo Alto Networks NG Firewalls are highly regarded for their embedded machine learning, robust security capabilities, and intuitive interface.
Both the Cisco Secure Firewall and Palo Alto Networks NG Firewalls have numerous areas for improvement. The Cisco Secure Firewall needs enhancement in network performance, policy administration, advanced features, management interface, patching and bug fixing, integration with other tools, and centralized management. Palo Alto Networks NG Firewalls can improve in terms of customization, next-generation capabilities, rule creation, monitoring interface, bug fixing, configuration simplicity, support processes, ACC tool, IPv6 support, VPN functionality, GUI interface, training materials, SSL inspection, and external dynamic list feature.
Service and Support: Customer opinions on the customer service of Cisco Secure Firewall vary, as some customers appreciate the technical support they receive, while others encounter delays and challenges. Palo Alto Networks NG Firewalls also receive mixed reviews for their customer service. While some customers commend the expertise of their support team, others express frustration with contacting the team and enduring lengthy wait times.
Ease of Deployment: The setup process for Cisco Secure Firewall can be more or less complex depending on the user's familiarity and environment. The initial setup for Palo Alto Networks NG Firewalls is described as simple, uncomplicated, and effortless. Users appreciate its user-friendly and efficient design, with readily available training materials for easy comprehension.
Pricing: Reviewers have differing opinions on the setup cost of Cisco Secure Firewall. Some consider it expensive due to additional expenses for licensing, support, and hardware. Palo Alto Networks NG Firewalls are generally acknowledged to have higher pricing. Reviewers note that Palo Alto Networks offers competitive hardware prices and discounts for multi-year licenses.
Comparison Results: Palo Alto Networks NG Firewalls is the preferred choice when compared to Cisco Secure Firewall. Users find the initial setup of Palo Alto Networks NG Firewalls to be straightforward and easy. Palo Alto Networks NG Firewalls stands out for its embedded machine learning capabilities, strong security features, and user-friendly interface.
"We've found the solution to be pretty stable."
"What I like the most is the configuration and that it's simple, and straightforward to maintain."
"It is a safe product."
"In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable."
"It's very fast and easy to configure."
"The pipe filter application is an outstanding feature."
"It has improved our security capabilities."
"We are very happy with the general bandwidth agility we have seen from one website to another website."
"The feature my customers find the most valuable is the exportability."
"It's very stable and mature."
"There are some hiccups here and there, but compared to the technical support from other vendors, I have had the best experience with Cisco's technical support. I would rate them at nine out of ten."
"The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices."
"I have found the stability of this solution really good. This is why I use it."
"There are no issues that we are aware of. It does its job silently in the background."
"The stability of the solution is very good. We can see that it gets even better with every release."
"This product is pretty stable."
"You can easily integrate it with Active Directory, and you can use the GlobalProtect VPN for internal and external purposes. The URL Filtering is also clear and the application filtering is a plus. The application filtering is much better when you compare it to FortiGate or other firewall vendors."
"The technology's very good. We have had a lot of good experience with this solution."
"The most valuable feature of the solution is the network protection."
"It worked fine normally."
"All the features are valuable, but my main one is the straightforward and well-designed GUI. I'm over 50 and have been in this business since the internet started. I'm not a GUI guy; I prefer using the command line. The product's GUI is excellent, and so is the threat intelligence. It's also straightforward to configure and flexible. The solution even has good networking, such as VLAN and subinterfaces, which is great because, in my experience, if the firewall is good, then the router usually isn't and vice-versa, but Palo Alto has both."
"I like to install Palo Alto mainly on the data center side to have visibility into all VLANs. That gives full visibility into the core."
"The most valuable feature is the security provided by the ATP."
"The DNS sync code in your filtering is the most valuable feature of the Palo Alto Networks NG Firewalls."
"Fortinet FortiGate could improve if it had a cloud-managed solution."
"The process of configuring firewall rules appears excessively complex."
"Fortinet FortiGate could improve by having more storage in the hardware for log data."
"I would like to see improvements in the product's application rules."
"The improvement is related to logs. Instead of the CLI, we should be able to have more insights into the logs of the firewall in the GUI."
"We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs."
"The solution is very expensive."
"To some degree, it's almost a question as to why some of this stuff isn't simpler. For example, for an AP deployment, while it's integrated, the number of steps that you have to go through in order to get the AP up, seems like a lot."
"A feature that would allow me to load balance among multiple ISPs, especially since we have deployed it as a perimeter firewall, would be a great addition."
"The service could use a little more web filtering. If I compare it to Cyberoam, Cyberoam has more the web filtering, so if you want to block a website, it's easier in other solutions than in Cisco."
"One big pain point I have is the ASDM interface because it's Java, and sometimes, it's a bit buggy and has low performance. That's something that probably won't be improved because of backward compatibility."
"It could use a web-based portal for VPN. Earlier they had it in the ASA model, but currently they don't have it."
"Multiple WAN connections: Even though you can implement more than one interface to outside connections, it is lacking on load balances, etc."
"Deploying configurations takes longer than it should."
"The Cisco ASA device needs overall improvement, as configurations alone do not completely secure my network."
"Cisco still has a lot of work to do. You can convert an ASA over to a Firepower, but the competitors, like Palo Alto and Juniper, are coming in. And believe it or not, they are a little bit more intuitive. Cisco has a little bit more work to do. They're playing catch up."
"Technical support could be faster."
"For an upcoming release, they could improve on the way to build security rules per user."
"The functionalities are limited."
"Having a better pricing model would make this product more competitive, and more affordable for our customers."
"The support could be improved."
"Its price can be better. They should also provide some more examples of configurations online."
"When there was change from IPv4 to IPv6, some of the firewalls still didn't support IPv6. In North America, we have seen most customers are using IPv6, as they are getting the IPv6 IPs from their ISPs. Sometimes, when they go through the firewall, it denies the traffic."
"With new features and applications you get bugs."
More Palo Alto Networks NG Firewalls Pricing and Cost Advice →
Cisco Secure Firewall is ranked 4th in Firewalls with 404 reviews while Palo Alto Networks NG Firewalls is ranked 6th in Firewalls with 161 reviews. Cisco Secure Firewall is rated 8.2, while Palo Alto Networks NG Firewalls is rated 8.6. The top reviewer of Cisco Secure Firewall writes "Highlights and helps us catch Zero-day vulnerabilities traveling across our network". On the other hand, the top reviewer of Palo Alto Networks NG Firewalls writes "We get reports back from WildFire on a minute-by-minute basis". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Meraki MX, Sophos XG and Juniper SRX Series Firewall, whereas Palo Alto Networks NG Firewalls is most compared with Check Point NGFW, Azure Firewall, Meraki MX, Sophos XG and OPNsense. See our Cisco Secure Firewall vs. Palo Alto Networks NG Firewalls report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Pricewise Cisco. But PA has better rating.
Palo Alto is better.
In my Oppinion, Palo Alto is better than Cisco. You can refer in NSS Lab 2018 & 2019 DCSG-SVM, NSS-labs-NGIPS-Comparative-Report, and some report from Forester about Zero Trust Architecture, and Gartner SASE report to discus more advantages of Palo Alto in the future