Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Zscaler Cloud Firewall comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
390
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Ranking in Firewalls
6th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
428
Ranking in other categories
Cisco Security Portfolio (3rd)
Zscaler Cloud Firewall
Ranking in Firewalls
25th
Average Rating
8.2
Reviews Sentiment
8.0
Number of Reviews
18
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.2%, up from 17.7% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.2%, up from 5.5% compared to the previous year. The mindshare of Zscaler Cloud Firewall is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

Vasu Gala - PeerSpot reviewer
A stable solution with an intuitive interface and quick customer service
I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.
Phil Shiflett - PeerSpot reviewer
Unified policies streamline network management but complex licensing requires attention
Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic. It has the ability to analyze encrypted traffic, and there is potential for more integration with APIs and AI to enhance these capabilities. Cisco Secure Firewall needs improvement in deployment time and the capability to access the CLI during support calls. I often encounter issues when technical support uses a CLI that is not familiar to me while troubleshooting through the GUI. My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time. For the next release, they should look at the features offered by competitors such as Fortinet, including the ability to perform packet capture directly from the interface. If they enhanced their troubleshooting efficiency related to packet capture for each specific rule, it would simplify the process significantly.
Bhaskar Rao - PeerSpot reviewer
Though it helps deal with web traffic or any malicious traffic, it needs to work on its DC performance issues
The product's initial setup phase is moderate in level, so it is neither very complex nor very easy. For the deployment, my company first needs to gather all the requirements of the users and the domain names and consider how many users there are in the company. In the implementation and planning part, my company needs to consider what kind of policies we will create while ensuring that the policies are created based on the requirements of the users. There is a need to segregate the users' requirements since there are separate departments in the company, like the HR department, sales department, IT department, and manufacturing department, so that our company can create policies depending on their requirements. On-site, if you want a GRE tunnel, our company can handle GRE tunnel traffic routing and Zscaler Cloud Firewall, after which Zscaler will take action based on the policies created by our organization. For the deployments and maintenance, a team of five members consisting of two managers and three engineers is required.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of Fortinet FortiGate are it is one of the most mature firewalls in the UTM bundle."
"The solution is extremely reliable."
"The ability to set up remote systems is the most valuable feature."
"The quick resolution of issues with Fortinet FortiGate is due to the support of the company and the fact that the equipment is easy to work with."
"Fortinet FortiGate is a very light product. It's easy to understand."
"The customization potential is quite impressive."
"Fortinet FortiGate has a threat detection capacity compared to other vendors."
"Fortinet FortiGate helps improve my organization since it's quick and easy to install, and we don't have to call support frequently."
"We chose Cisco because it had the full package that we were looking for."
"It's protecting the organization against the impact of cyber threats and cybersecurity. We run manufacturing plants that have hazardous material, and we don't want that manufacturing process to be impacted by break-in exposure, cyber threats, or any other similar thing."
"Customer service and support are excellent. I would rate their support 10 out of 10."
"Being able to determine our active users vs inactive users has led us to increased productivity through visibility. Also, if an issue was happening with our throughput, then we wouldn't know without research. Now, notifications are more proactively happening."
"The remote access, VPN, and ACL features are valuable. We are using role-based access for individuals."
"I would evaluate customer service and technical support for Cisco Secure Firewall as excellent, as my Cisco team for the Army has been exceptional."
"My confidence continues to build upon using Cisco firewalls."
"Manageability of Cisco ASA. It has a GUI interface, unlike the most of Cisco IOS. For beginners they can "sneak in" and apply the command and see the actual commands that the GUI launches. In addition, Cisco has the reputation regarding security."
"The visibility and log availability offered are highly valued for troubleshooting purposes, and this is a key factor driving customer interest in the firewall module."
"Zscaler provides effective protection against various cyber threats ensuring a safe environment"
"The solution offers good sandboxing."
"Once you have Zscaler running you have access to configure it however you want."
"The solution is scalable."
"Zscaler Cloud Firewall understands the applications in the current generation and adapts to the present generation cloud applications."
"Zscaler is still a very good product."
"It provides in-depth visibility into your network, ensuring that traffic flowing into your organization, be it from offices or individual users, is effectively filtered and secured through multiple layers of protection."
 

Cons

"There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files.​"
"The graphical user interface of Fortinet's FortiGate product does not function well with text-based interfaces."
"Compared to some other products, the DLP is not at par for the moment."
"The logs need to be better. They need to be more visible and easier to access."
"The security of Fortinet FortiGate could improve."
"Improvement is needed in the Web Filter quotas to restrict users with allocated quotas."
"Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it."
"It is very expensive, and their support is not very good. I hope that their technical support will be better in the future."
"An area for improvement is the graphical user interface. That is something that is coming up now. They could make the product more user-friendly. A better GUI is something that would make life much easier."
"There are always vulnerabilities that come up and there was one in early 2018 but this was patched with software updates."
"The license system is also good but it's not very impressive. It's a very regular licensing system. They call it a smart license which means that your device will connect to the internet. This is a little bit of a headache for some customers. It doesn't make the customer happy because most of the customers prefer not to connect their firewall or system to the internet."
"There may have been one or two incidences of malicious threats."
"One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS."
"There are some limitations with SSL. Regarding the security assessment for the ISO 27000 standard, there are certain features that Cisco needs to scale up. Not all products support it, so you need to be slightly careful, especially on the site track."
"Cisco ASA Firewall could improve by adding more advanced features such as web filtering, which is available in the next-generation firewalls. However, the Cisco ASA Firewall I am using could be old and these features have been updated."
"I would like it to have faster deployment times. A typical deployment could take two to three minutes. Sometimes, it depends on the situation. It is better than it was in the past, but it could always use improvement."
"We are having some issues with internet access being denied when organizational ID-based policies change. For example, a lower level employee ends up getting the same level of access as that of a higher level employee."
"Instead of the standard license, they should certainly provide customers with the visibility to access and view the logs."
"Data Leak Prevention is only for web filtering and there is no protection for email."
"Apart from the issues associated with the product in areas like the DC performance issues and DC failover, Zscaler Cloud Firewall's IP should not have a proxy IP."
"It would be better if they improved their policy, package visibility, and flexibility while we're creating rules for inspection. It could also be cheaper or more things could be included in the basic package. In the next release, I would like better coverage in the Asia Pacific region and better quality of service."
"Certain criteria need to be met if you want to scale this solution."
"I don't have the visibility of a control dashboard or a network management system."
"The product could improve its integration with some legacy systems."
 

Pricing and Cost Advice

"It is expensive. You need to pay for the subscription every year, which is very expensive. The subscription includes technical support and hardware exchange in case of failure."
"The price for the Fortinet FortiGate is reasonable. Secure SD-WAN is free of charge. If you have their firewall, it's free of charge. It's very tempting."
"This is not a cheap solution but it isn't expensive, either. It's a good solution for the right price."
"The price is fair for what we get with FortiGate."
"Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you."
"It was worth the money overall. It's good value."
"We just pay a flat monthly fee to the vendor for the support."
"These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive. Fortinet licensing is straightforward and less confusing compared to Cisco."
"The solution’s pricing is competitive."
"Once you know what the product is, it is not that bad. Yes, it is expensive. When you try to get a license, it is like, "Well, I don't know which one of these I need. And, if I don't buy it now, then I will probably be back later. Now, I have to justify the money." Typically, you end up just buying everything that you don't use most of the time. It is one of those solutions where you get what you pay for. If you don't know what you need, just buy everything. We have additional licenses that we don't use."
"It is more expensive than the other solutions."
"It has a great performance-to-price value, compared to competitive solutions."
"The prices of Cisco Secure Firewall are competitive, especially for us as Cisco partners. We purchase the products directly from Cisco as a gold partner, which allows us to obtain better pricing than we would get from normal distributors or the local market."
"It's pretty competitive. If they could make it cheaper, it would be great. You always want cheaper, but relative to the performance capabilities of the firewall and relative to what you get, it's fair. It's not the cheapest in the world, but you get an excellent product for that price."
"Cisco's prices are more or less comparable to those of other products."
"Commercial leasing is the best option."
"Zscaler is priced too high compared to the cost of Fortinet."
"It is not the most budget-friendly solution, but it's important to consider its overall value."
"It is expensive for small businesses."
"The product is a bit expensive compared to the solutions offered by its competitors, like Palo Alto. There is a need to make yearly payments towards the license in charges associated with the product."
"The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization."
"It comes at a significantly reduced cost while ensuring control and effectiveness."
"There is an annual license required for the use of the Zscaler Cloud Firewall."
"There are different subscription models available."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
862,499 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Comms Service Provider
8%
Manufacturing Company
7%
Educational Organization
7%
Computer Software Company
20%
Educational Organization
14%
University
7%
Manufacturing Company
7%
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
8%
Retailer
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
Which lesser known firewall product has the best chance at unseating the market leaders?
Netscope, Zscaler if they continue route they are on now. FIrewalls needs great deal of automation on each end, datac...
What do you like most about Zscaler Cloud Firewall?
The product’s firewall and VPN package are fantastic compared to any other solution.
What is your experience regarding pricing and costs for Zscaler Cloud Firewall?
Zscaler Cloud Firewall is quite expensive compared to competitors. However, it offered moderate value for money.
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Zenith Live, Azure, Carlsberg Group
Find out what your peers are saying about Cisco Secure Firewall vs. Zscaler Cloud Firewall and other solutions. Updated: July 2025.
862,499 professionals have used our research since 2012.