Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Zscaler Cloud Firewall comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
377
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Ranking in Firewalls
6th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
428
Ranking in other categories
Cisco Security Portfolio (3rd)
Zscaler Cloud Firewall
Ranking in Firewalls
25th
Average Rating
8.2
Reviews Sentiment
8.0
Number of Reviews
18
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.2%, up from 17.7% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.2%, up from 5.5% compared to the previous year. The mindshare of Zscaler Cloud Firewall is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

Vasu Gala - PeerSpot reviewer
A stable solution with an intuitive interface and quick customer service
I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.
Phil Shiflett - PeerSpot reviewer
Unified policies streamline network management but complex licensing requires attention
Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic. It has the ability to analyze encrypted traffic, and there is potential for more integration with APIs and AI to enhance these capabilities. Cisco Secure Firewall needs improvement in deployment time and the capability to access the CLI during support calls. I often encounter issues when technical support uses a CLI that is not familiar to me while troubleshooting through the GUI. My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time. For the next release, they should look at the features offered by competitors such as Fortinet, including the ability to perform packet capture directly from the interface. If they enhanced their troubleshooting efficiency related to packet capture for each specific rule, it would simplify the process significantly.
Bhaskar Rao - PeerSpot reviewer
Though it helps deal with web traffic or any malicious traffic, it needs to work on its DC performance issues
The product's initial setup phase is moderate in level, so it is neither very complex nor very easy. For the deployment, my company first needs to gather all the requirements of the users and the domain names and consider how many users there are in the company. In the implementation and planning part, my company needs to consider what kind of policies we will create while ensuring that the policies are created based on the requirements of the users. There is a need to segregate the users' requirements since there are separate departments in the company, like the HR department, sales department, IT department, and manufacturing department, so that our company can create policies depending on their requirements. On-site, if you want a GRE tunnel, our company can handle GRE tunnel traffic routing and Zscaler Cloud Firewall, after which Zscaler will take action based on the policies created by our organization. For the deployments and maintenance, a team of five members consisting of two managers and three engineers is required.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I've never had a problem with Fortinet FortiGate support, so I'd rate it ten out of ten."
"It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."
"Whenever I need something, Fortinet improves and updates the software for me."
"It's quite comfortable to handle the FortiGate firewall."
"Fortinet FortiGate is among the best options in the market."
"Layer-3 firewall and routing are the most valuable features."
"Using this product makes the VPN seamless and almost invisible to me in the sense that I don't have to think about it."
"I'm looking forward to FortiGate's dashboard features, insights, application oversight, and monitoring, which could help us significantly."
"I like the IPS feature, it is the most valuable."
"We get the Security Intelligence Feeds refreshed every hour from Talos, which from my understanding is that they're the largest intelligence Security Intelligence Group outside of the government."
"Customer service and support are excellent. I would rate their support 10 out of 10."
"We are using the Cisco AnyConnect for our end-user VPN with the ASA."
"We have not had to deal with stability issues."
"The stability of Cisco ASA is excellent compared to other products on the market. Because of our customer experience as an integrator company, our clients never report any performance problems. We have a good performance reputation with Cisco ASA."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"Unfortunately in Cisco, only the hardware was good."
"If malicious traffic attacks our on-premises servers, then it gets blocked by Zscaler Cloud Firewall."
"I like the ease of deployment and its flexibility. We don't need to deal with license, quotes, procurement, delivery, and installation. Everything is software-based, and it's very easy to operate."
"Includes advanced tech protection."
"The technical support from Zscaler was excellent."
"It is a stable solution."
"It provides in-depth visibility into your network, ensuring that traffic flowing into your organization, be it from offices or individual users, is effectively filtered and secured through multiple layers of protection."
"The initial setup is straightforward."
"The visibility and log availability offered are highly valued for troubleshooting purposes, and this is a key factor driving customer interest in the firewall module."
 

Cons

"At the moment, the main concern is the pricing and the type of licensing."
"The way everything is set up could be easier. Currently, people need a lot of experience and knowledge to administer it and to link it to devices."
"They have to just improve its performance when we enable all UTM features. When you enable all the features, the performance of FortiGate, as well as of Sophos and SonicWall, goes down."
"Their support can be better, and there should be better policies for immediate replacement in critical situations."
"There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement."
"Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit."
"They could simplify their deployment process, especially when customers have existing devices."
"My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."
"Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic."
"The second issue is the ROMmon mode, where during power outages the firewalls go into ROMmon mode, causing outages and financial loss until we can send someone on-site."
"The main problem we have is that things work okay until we upgrade the firmware, at which point, everything changes, and the net stops working."
"I have found that Cisco reporting capabilities are not as rich as other products, so the reporting could be improved."
"It doesn't have a proper GUI to do troubleshooting, so most people have to rely on the command line."
"The upgrading process of Cisco Secure Firewall is a long process on a per-firewall basis, and it would be nice if that could be improved. One firewall can take two to two and a half hours to upgrade, so we end up having to watch it."
"The configuration is an area that needs improvement."
"I wouldn't give them a ten. Nobody is perfect. I'll give them a nine because they help me with any issues I've had."
"There are some areas it could improve when it comes to blocking, we have to block some things manually. For example, if we block a top-level domain we have seen that the new IPs come through, the IPs are not blocked. There should be some more granular way of doing it. My only request is if you're blocking something at a top level, the sub-level sub-domains and all those other IPs should be blocked too automatically."
"It would be better if they improved their policy, package visibility, and flexibility while we're creating rules for inspection. It could also be cheaper or more things could be included in the basic package. In the next release, I would like better coverage in the Asia Pacific region and better quality of service."
"They do not provide a few components that are fundamental to differentiate the products"
"Because it's on cloud, it doesn't allow application of extra settings."
"I don't have the visibility of a control dashboard or a network management system."
"The product could improve its integration with some legacy systems."
"There are several areas for improvement. Firstly, the GUI is outdated, with noticeable lags and delays, especially when generating reports for past transactions."
"We are having some issues with internet access being denied when organizational ID-based policies change. For example, a lower level employee ends up getting the same level of access as that of a higher level employee."
 

Pricing and Cost Advice

"Its pricing is good. The advantages of Fortinet FortiGate over its competitors include good pricing and meeting our requirements at a lower cost."
"Fortinet costs are 25% lower than the high-cost provider. There is an equipment cost and a recurring monthly cost for licenses and technical support."
"Their licensing costs are annual. The UTM feature license along with their support is called FortiCare. We include that as a part of the annual maintenance cost. Palo Alto or Juniper also have an annual subscription charge for UTM. Price, of course, can always be more competitive, but it is not the most expensive product. The price-performance ratio is quite high for FortiGate."
"Fortinet FortiGate is reasonably priced."
"I find it quite reasonable."
"It is cheaper and more competitive compared to other options. For example, when comparing Palo Alto products to others, Palo Alto tends to be more expensive. If you compare Cisco's platform, including Cisco Meraki, with Fortinet products, you'll notice that Cisco's offerings are generally higher priced than Fortinet's firewall solutions."
"Pricing and licensing is a little bit complicated in FortiGate. They are always on the higher side. This is one issue that we always raise with the company that they should reduce the price according to Indian market requirements. There are no costs in addition to the standard licensing fees."
"Fortinet FortiGate is expensive."
"Cisco ASA Firewall should be cheaper."
"It is pay-as-you-go, so it much cheaper than buying in the plants."
"They seem to be at the top end in terms of pricing, but they are worth the price. They are probably a little bit lower than Palo Alto. If the customers are relying on Cisco products and they are thinking more in terms of scaling to another layer in a year, it is pretty much in a good price range."
"It is more expensive than the other solutions."
"In terms of scalability, it is really expensive. It is scalable, but when it comes to pricing, the upgrading is a bit high."
"License capacity needs to be extended and the vendor needs to work on the pricing."
"The pricing of Cisco's boxes is pretty good."
"You get what you pay for. It's always priced based on what you get and what it can handle. It's acceptable."
"There is an annual license required for the use of the Zscaler Cloud Firewall."
"There are different subscription models available."
"On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing an eight out of ten."
"It is not the most budget-friendly solution, but it's important to consider its overall value."
"There are licensing costs, and I would not say that it's a cheap vendor."
"The product is a bit expensive compared to the solutions offered by its competitors, like Palo Alto. There is a need to make yearly payments towards the license in charges associated with the product."
"The licensing is on a yearly basis. It is somewhere around 30 or 40 pounds per user for our organization."
"It is expensive for small businesses."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
861,390 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Educational Organization
10%
Comms Service Provider
8%
Manufacturing Company
7%
Educational Organization
26%
Computer Software Company
17%
University
6%
Manufacturing Company
6%
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
9%
Retailer
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
Which lesser known firewall product has the best chance at unseating the market leaders?
Netscope, Zscaler if they continue route they are on now. FIrewalls needs great deal of automation on each end, datac...
What do you like most about Zscaler Cloud Firewall?
The product’s firewall and VPN package are fantastic compared to any other solution.
What is your experience regarding pricing and costs for Zscaler Cloud Firewall?
Zscaler Cloud Firewall is quite expensive compared to competitors. However, it offered moderate value for money.
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Zenith Live, Azure, Carlsberg Group
Find out what your peers are saying about Cisco Secure Firewall vs. Zscaler Cloud Firewall and other solutions. Updated: July 2025.
861,390 professionals have used our research since 2012.