Cisco Secure Firewall vs Zscaler Cloud Firewall comparison

Cisco and Zscaler are both solutions in the Firewalls category. Cisco is ranked #7 with an average rating of 8.1, while Zscaler is ranked #24 with an average rating of 8.3. Cisco holds a 6.0% mindshare in Firewalls, compared to Zscaler’s 0.4% mindshare. Additionally, 83% of Cisco users are willing to recommend the solution, compared to 92% of Zscaler users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 16, 2024

Cisco Secure Firewall and Zscaler Cloud Firewall are both leading solutions in the cybersecurity space. Users often see Zscaler Cloud Firewall as the superior product due to its advanced features, despite the higher cost.

Features: Cisco Secure Firewall offers robust security management, excellent integration capabilities, and a high degree of configurability. Zscaler Cloud Firewall provides scalable cloud-native architecture, advanced threat protection, and comprehensive feature sets that exceed those of many competitors.

Room for Improvement: Cisco Secure Firewall needs more intuitive management capabilities, better integration with third-party tools, and smoother software updates. Zscaler Cloud Firewall requires better troubleshooting options, more detailed logging features, and enhanced offline functionality.

Ease of Deployment and Customer Service: Cisco Secure Firewall has straightforward deployment but requires significant initial configuration. Customers rate its service highly. Zscaler Cloud Firewall is reported to have seamless deployment and responsive support, with a slight edge in deployment simplicity and customer service.

Pricing and ROI: Cisco Secure Firewall is generally seen as cost-effective with a quicker return on investment. Zscaler Cloud Firewall, while more expensive, is perceived as offering good value for the price. The better ROI depends on specific needs and budget constraints of the users.

To learn more, read our detailed Cisco Secure Firewall vs. Zscaler Cloud Firewall Report (Updated: September 2025).

Buyer's Guide

Cisco Secure Firewall vs. Zscaler Cloud Firewall

September 2025

Download the complete report

Helped 867,676 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

As of September 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 20.7%, up from 18.6% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.0%, up from 5.3% compared to the previous year. The mindshare of Zscaler Cloud Firewall is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewalls Market Share Distribution
Product	Market Share (%)
Fortinet FortiGate	20.7%
Cisco Secure Firewall	6.0%
Zscaler Cloud Firewall	0.4%
Other	72.9%

Firewalls

Featured Reviews

Vasu Gala

Manager, Information Technology Operation/Presales at TechMonarch

A stable solution with an intuitive interface and quick customer service

I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.

Read full review

Phil Shiflett

Senior Manager, Network Engineering at TTi Power Equipment

Unified policies streamline network management but complex licensing requires attention

Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic. It has the ability to analyze encrypted traffic, and there is potential for more integration with APIs and AI to enhance these capabilities. Cisco Secure Firewall needs improvement in deployment time and the capability to access the CLI during support calls. I often encounter issues when technical support uses a CLI that is not familiar to me while troubleshooting through the GUI. My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time. For the next release, they should look at the features offered by competitors such as Fortinet, including the ability to perform packet capture directly from the interface. If they enhanced their troubleshooting efficiency related to packet capture for each specific rule, it would simplify the process significantly.

Read full review

Vikram Srirama.

Deputy General Manager at Sagility

A highly scalable solution that helps monitor and block undesired, non-standard traffic

Zscaler Cloud Firewall is a cloud-based solution. Zscaler Cloud Firewall is a good product. Since it's a SaaS product, most of the maintenance of devices is eliminated, and it is bundled with your secure web gateway. People should use Zscaler Cloud Firewall for their remote users or work-from-home users. Overall, I rate Zscaler Cloud Firewall a nine out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Fortinet FortiGate helps improve my organization since it's quick and easy to install, and we don't have to call support frequently."

"It performs very well."

"It's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls."

"The solution is easy to configure and maintain remotely."

"We have a redundant setup for failover, however, it has not had to fail over ever and we have not had a capacity issue."

"It is a one box solution, which covers most of the edge device’s requirements."

"Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution."

"Fortinet FortiGate has a threat detection capacity compared to other vendors."

More Fortinet FortiGate pros

"The most valuable features are the flexibility and level of security that this solution provides."

"This solution is easy to use if you know how to set it up."

"It's a flexible solution."

"The best solutions for our company are those we have yet to implement so it will be even better in the future for us than it already is."

"The transparency of the single UI to ensure security. A product has to be simple so that an administrator can use it."

"The high-availability and remote VPN features are most valuable."

"It's very scalable. You can go to different models of the ASAs and they scale up to as big as you want to go."

"The features that are most valuable within the firewall are the IPS as well as the Unified Communications. We also really like the dynamic grouping."

More Cisco Secure Firewall pros

"Since it is really customizable, I can use it and avoid enabling access to the full network."

"Most of the features that Zscaler has to offer, we will deploy."

"The visibility and log availability offered are highly valued for troubleshooting purposes, and this is a key factor driving customer interest in the firewall module."

"I like the ease of deployment and its flexibility. We don't need to deal with license, quotes, procurement, delivery, and installation. Everything is software-based, and it's very easy to operate."

"It is a stable solution."

"The solution offers good sandboxing."

"If malicious traffic attacks our on-premises servers, then it gets blocked by Zscaler Cloud Firewall."

"The scalability is okay. We have around 2200 people using this solution."

More Zscaler Cloud Firewall pros

Cons

"Fortinet FortiGate could improve their documentation on forward error correction and failover technologies."

"The support is not good because I generally search for solutions online. When I open a case, they usually identify it as a bug they are working on."

"One drawback of Fortinet FortiGate is that they provide two types of models: one with a hard disk and another without. The model without a hard disk has very low ROM where you can store very few logs, after which you need to upload it to the cloud or purchase a firewall with SSD. That's the only drawback."

"We understand that FortiGate cannot be standalone without others, such as FortiManager, so for small businesses, if FortiGate can provide something similar to FortiManager, it will be better."

"The built-in logging and reporting is limited without FortiAnalyzer."

"Fortinet FortiGate SWG's costs need improvement."

"There are no areas that need improvement at this point in time."

"They have recently acquired a CNAP solution which should be integrated into FortiGate boxes natively for protection at any application layer. Since Fortinet FortiGate has Layer 7 protection, they should integrate that as soon as they can for threat detection and network detection."

More Fortinet FortiGate cons

"One area that could be improved is its logging functionality. Your logs are usually displayed on the screen, but if you want to go back one or two days, then you need another solution in place because those logs are overwritten within minutes."

"The intelligence has room for improvement. There are some hackers that we haven't seen before and its ability to detect those types of attacks needs to be improved."

"On the VPN side, Firepower could be better. It needs more monitoring on VPNs. Right now, it's not that good. You can set up a VPN in Firepower, but you can't monitor it."

"We would like to be able to manage a set of firewalls rather than individual firewalls. We haven't really looked into it or yet implemented it, but a single pane of glass would be helpful. We also use another vendor's firewalls, and they have a centralized management infrastructure that we have implemented, which makes it a little bit easier when you're managing lots of firewalls."

"Tech support could not answer all of our questions. I had to do research on the web to solve my issues."

"There was an error in the configuration, related to our uplink switches, that caused us to contact technical support, and it took a very long time to resolve the issue."

"The policies module in FMC specifically isn't the most user-friendly. Coming from Cisco ASA, Cisco ASA is a little bit easier to use. When you get into particularly complex deployments where you have a lot of different interfaces and all that kind of stuff, it's a little bit tricky. Some usability improvements there would be nice."

"They should improve their interface."

More Cisco Secure Firewall cons

"The product could improve its integration with some legacy systems."

"There are several areas for improvement. Firstly, the GUI is outdated, with noticeable lags and delays, especially when generating reports for past transactions."

"The issue right now is probably that Zscaler is not providing web browser isolation. Another solution, Menlo, offers this. For one customer, we had to send traffic to Menlo to do the isolation for us. It was requested by the customer so that they could integrate any iframe. Zscaler needs to add this type of feature in their next release."

"Apart from the issues associated with the product in areas like the DC performance issues and DC failover, Zscaler Cloud Firewall's IP should not have a proxy IP."

"It would be nice to have some sort of a form factor, a physical form factor perhaps, or virtual machine that you could install on devices or on a cloud, and have some cloud computing."

"Zscaler Cloud Firewall should have a better understanding of all dynamic cloud applications."

"Data Leak Prevention is only for web filtering and there is no protection for email."

"I don't have the visibility of a control dashboard or a network management system."

More Zscaler Cloud Firewall cons

Pricing and Cost Advice

"I pay €1,200 per year for the license along with Fortinet's 81E firewall appliance. I would rate this pricing as 3/5 stars, and I believe the price is reasonably similar to its competitors in the market, being somewhere in the middle."

"The price of Fortinet FortiGate is the lowest in the market."

"The price of Fortinet FortiGate could improve, it is expensive."

"I would rate the pricing a seven out of ten"

"We find the most valuable aspect of this solution is the price. It is affordable, and cheaper than other firewalls."

"The price is okay."

"The product is expensive compared to one of its competitors."

"It is quite affordable for our customers. There is a separate cost for IPS, antivirus, web filtering, and other features. They have a great choice of licenses. You can go for the license that you want, which is quite useful."

More Fortinet FortiGate pricing and cost advice

"It's a brilliant firewall, and the fact that it comes with a perpetual license really does go far in terms of helping the organization in not having to deal with those costs on an annual basis. That is a pain point when it comes to services like the ones we have on Fortigate. That's where we really give Cisco firewalls the thumbs up."

"The pricing is very good for us, especially since we have a partnership with Cisco. The challenge is the licensing. There are competitors that offer more flexible licensing, such as daily licensing, some offer hourly, but Cisco is locked in for one, three, and five years. We don't have much flexibility, especially if we want to shift applications or shift users at any time. Hopefully, licensing becomes more flexible."

"Licensing is expensive compared to other solutions."

"That'd be more for my leadership, but I give them the quotes, and if they approve, they're happy. They've never wavered, so I wouldn't say it's out of the realm where they're considering another product. It must be in the direct price range for our leadership to not blink an eye when we give it to them."

"The licensing package is good, but the licensing fee should be decreased."

"We've gone to all smart licensing, so that works well."

"The product is very expensive."

"It definitely competes with the other vendors in the market."

More Cisco Secure Firewall pricing and cost advice

"Zscaler is priced too high compared to the cost of Fortinet."

"There are licensing costs, and I would not say that it's a cheap vendor."

"It is not the most budget-friendly solution, but it's important to consider its overall value."

"On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing an eight out of ten."

"The product is a bit expensive compared to the solutions offered by its competitors, like Palo Alto. There is a need to make yearly payments towards the license in charges associated with the product."

"It comes at a significantly reduced cost while ensuring control and effectiveness."

"It is expensive for small businesses."

"The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization."

More Zscaler Cloud Firewall pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

867,676 professionals have used our research since 2012.

Comparison Review

it_user206346

Security Consultant at Webernetz.net - Network Security Consulting

Mar 11, 2015

Cisco ASA vs. Palo Alto Networks

Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

15%

Comms Service Provider

Manufacturing Company

Financial Services Firm

Computer Software Company

20%

University

Manufacturing Company

Comms Service Provider

Computer Software Company

12%

Manufacturing Company

Financial Services Firm

Construction Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	350
Midsize Enterprise	129
Large Enterprise	187

By reviewers
Company Size	Count
Small Business	180
Midsize Enterprise	126
Large Enterprise	212

By reviewers
Company Size	Count
Small Business	4
Midsize Enterprise	2
Large Enterprise	12

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

Which is better - Fortinet FortiGate or Cisco ASA Firewall?

One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...

See all answers

How does Cisco's ASA firewall compare with the Firepower NGFW?

It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...

See all answers

Which is better - Meraki MX or Cisco ASA Firewall?

Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...

See all answers

Which lesser known firewall product has the best chance at unseating the market leaders?

Netscope, Zscaler if they continue route they are on now. FIrewalls needs great deal of automation on each end, datac...

See all answers

What do you like most about Zscaler Cloud Firewall?

The product’s firewall and VPN package are fantastic compared to any other solution.

See all answers

What is your experience regarding pricing and costs for Zscaler Cloud Firewall?

Zscaler Cloud Firewall is quite expensive compared to competitors. However, it offered moderate value for money.

See all answers

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 17% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 9% of the time

Cisco Meraki MX vs Fortinet FortiGate

Compared 4% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 4% of the time

OPNsense vs Fortinet FortiGate

Compared 4% of the time

More Fortinet FortiGate Competitors

Palo Alto Networks WildFire vs Cisco Secure Firewall

Compared 9% of the time

Palo Alto Networks NG Firewalls vs Cisco Secure Firewall

Compared 8% of the time

Netgate pfSense vs Cisco Secure Firewall

Compared 4% of the time

OPNsense vs Cisco Secure Firewall

Compared 4% of the time

Cisco Meraki MX vs Cisco Secure Firewall

Compared 3% of the time

More Cisco Secure Firewall Competitors

Azure Firewall vs Zscaler Cloud Firewall

Compared 13% of the time

Check Point Quantum Force (NGFW) vs Zscaler Cloud Firewall

Compared 11% of the time

Palo Alto Networks NG Firewalls vs Zscaler Cloud Firewall

Compared 10% of the time

OPNsense vs Zscaler Cloud Firewall

Compared 8% of the time

Sangfor NGAF vs Zscaler Cloud Firewall

Compared 5% of the time

More Zscaler Cloud Firewall Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

September 2025

Download Fortinet FortiGate product report

Buyer's Guide

Cisco Secure Firewall

September 2025

Download Cisco Secure Firewall product report

Buyer's Guide

Zscaler Cloud Firewall

August 2025

Download Zscaler Cloud Firewall product report

Also Known As

No data available

Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall

No data available

Overview

Fortinet FortiGate excels in providing integrated VPN, firewalling, and Unified Threat Management (UTM) with centralized management and high availability. It supports remote access and comprehensive threat protection, making it a preferred choice for securing networks.

Fortinet FortiGate offers a robust security platform with features such as strong intrusion prevention, application control, and web filtering. Its integration with Active Directory and SD-WAN functionality provides scalable solutions for large networks. Users appreciate its ease of use through centralized management interfaces, ensuring robust security with flexible configurations. However, FortiGate could enhance its graphical interface and technical support responsiveness, address firmware bugs and costly licensing, improve logging, integrate better with third-party tools, and strengthen scalability and memory for log storage. Complexity in configuration and the need for intuitive features are noted challenges, and there's a demand for advanced security, zero-trust capabilities, and AI integration.

What are the key features of Fortinet FortiGate?

VPN: Secure remote access and connectivity.
Firewalling: Protects networks from unauthorized access and attacks.
UTM: Offers a comprehensive approach to threat management.
SD-WAN: Optimizes traffic routing for efficient network performance.
Web Filtering: Controls and monitors web access and ensures Internet security.

What benefits or ROI should be considered?

Centralized Management: Simplifies administration and monitoring.
High Availability: Ensures consistent security and network availability.
Scalability: Adapts to the needs of growing networks.
Comprehensive Threat Protection: Provides robust security measures.
Ease of Use: Minimizes the complexity of security management.

Fortinet FortiGate is widely implemented across industries like education, finance, and government. Companies use it for firewall protection, VPN, and SD-WAN capabilities, ensuring secure perimeter and data center security. It facilitates remote access management and traffic routing optimization, offering reliable security and connectivity solutions.

Fortinet

Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.

The core features of Cisco Secure Firewall are multifaceted:

Advanced threat protection is achieved through a combination of intrusion prevention, malware detection, and URL filtering technologies.
For secure access, the firewall presents multiple options, including VPN, remote access, and single sign-on.
Its network segmentation capability is vital in creating barriers within the network to safeguard critical assets.
The firewall is scalable, effectively serving small businesses to large enterprises.
Management is streamlined through Cisco DNA Center, a central management system.

The benefits of deploying Cisco Secure Firewall are substantial. It significantly reduces the risk of cyberattacks, thereby enhancing the security posture of an organization. This security also translates into increased productivity, as secure access means uninterrupted work. Compliance with industry regulations is another advantage, as secure access and network segmentation align with many regulatory standards. Additionally, it helps in reducing IT costs by automating security tasks and simplifying management processes.

In practical scenarios, Cisco Secure Firewall finds diverse applications. It's instrumental in protecting branch offices from cyberattacks, securing remote access for various stakeholders, safeguarding cloud workloads, and segmenting networks to isolate sensitive areas.

User reviews from PeerSpot reflect an overall positive experience with the Cisco Secure Firewall. Users appreciate its ease of configuration, good management capabilities, robust protection, user-friendly interface, and scalability. However, some areas for improvement include better integration capabilities with other vendors, maturity, control over bandwidth for end-users, and addressing software bugs.

In summary, Cisco Secure Firewall is a comprehensive, versatile, and reliable security solution that effectively meets the security needs of various organizations. It offers a balance of advanced protection, user-friendly management, and scalability, making it a valuable asset in the realm of network security.

Cisco

Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world. Its flagship services, Zscaler Internet Access and Zscaler Private Access, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the world’s largest cloud security platform, protecting thousands of enterprises and government agencies from cyberattacks and data loss.

Check more details: https://www.zscaler.com/produc...

Zscaler

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.

Zenith Live, Azure, Carlsberg Group

Buyer's Guide

Cisco Secure Firewall vs. Zscaler Cloud Firewall

September 2025

Free Report: Cisco Secure Firewall vs. Zscaler Cloud Firewall

Find out what your peers are saying about Cisco Secure Firewall vs. Zscaler Cloud Firewall and other solutions. Updated: September 2025.

DOWNLOAD NOW

867,676 professionals have used our research since 2012.

See our Cisco Secure Firewall vs. Zscaler Cloud Firewall report.

See our list of best Firewalls vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.