Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Zscaler Cloud Firewall comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
379
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Ranking in Firewalls
6th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
428
Ranking in other categories
Cisco Security Portfolio (3rd)
Zscaler Cloud Firewall
Ranking in Firewalls
25th
Average Rating
8.2
Reviews Sentiment
8.0
Number of Reviews
18
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.2%, up from 17.7% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.2%, up from 5.5% compared to the previous year. The mindshare of Zscaler Cloud Firewall is 0.4%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

Vasu Gala - PeerSpot reviewer
A stable solution with an intuitive interface and quick customer service
I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.
Phil Shiflett - PeerSpot reviewer
Unified policies streamline network management but complex licensing requires attention
Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic. It has the ability to analyze encrypted traffic, and there is potential for more integration with APIs and AI to enhance these capabilities. Cisco Secure Firewall needs improvement in deployment time and the capability to access the CLI during support calls. I often encounter issues when technical support uses a CLI that is not familiar to me while troubleshooting through the GUI. My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time. For the next release, they should look at the features offered by competitors such as Fortinet, including the ability to perform packet capture directly from the interface. If they enhanced their troubleshooting efficiency related to packet capture for each specific rule, it would simplify the process significantly.
Bhaskar Rao - PeerSpot reviewer
Though it helps deal with web traffic or any malicious traffic, it needs to work on its DC performance issues
The product's initial setup phase is moderate in level, so it is neither very complex nor very easy. For the deployment, my company first needs to gather all the requirements of the users and the domain names and consider how many users there are in the company. In the implementation and planning part, my company needs to consider what kind of policies we will create while ensuring that the policies are created based on the requirements of the users. There is a need to segregate the users' requirements since there are separate departments in the company, like the HR department, sales department, IT department, and manufacturing department, so that our company can create policies depending on their requirements. On-site, if you want a GRE tunnel, our company can handle GRE tunnel traffic routing and Zscaler Cloud Firewall, after which Zscaler will take action based on the policies created by our organization. For the deployments and maintenance, a team of five members consisting of two managers and three engineers is required.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The scalability is easy with switches and access points that are basically plug-and-play for the most part."
"Their proxy-based inspection is responsive and secure."
"The IPS is good. It protect my network from attackers."
"The most valuable feature is the VDOM, which allows the customer to have multiple firewalls in a single campus."
"The most valuable feature is the bundled subscription, which is IPS, TV and web filtering."
"What's most important is the ease of use."
"With Fortinet FortiGate, we improved security significantly."
"Fortinet FortiGate has positively impacted our organization by preventing hackers from accessing our network."
"This solution made our organization more secure and gave us better control."
"The most valuable feature that Cisco Firepower NGFW provides for us is the Intrusion policy."
"I have integrated it for incidence response. If there is a security event, the Cisco firewall will automatically block the traffic, which is valuable."
"For companies prioritizing security, the optimal choice is one that offers a range of feeds to cater to diverse needs. This is particularly crucial for organizations implementing DDoS mitigation. The preferred solutions typically align with the top server vendors, with Cisco, Forti, and Barracuda consistently ranking among the top three vendors we collaborate with."
"URL filtering is valuable."
"The feature I appreciate the most about Cisco Secure Firewall is its speed, especially for a 40-gig network."
"VPN and firewall are good features."
"ASA 5505 and ASA 5506 are very powerful tools to use in a business environment, and provide a lot of security."
"The visibility and log availability offered are highly valued for troubleshooting purposes, and this is a key factor driving customer interest in the firewall module."
"It provides in-depth visibility into your network, ensuring that traffic flowing into your organization, be it from offices or individual users, is effectively filtered and secured through multiple layers of protection."
"The solution is scalable."
"The technical support from Zscaler was excellent."
"It helps a lot of companies to reduce their downtime. Also, It helps businesses in terms of being secured and protected from any threats."
"The scalability is okay. We have around 2200 people using this solution."
"It is a stable solution."
"Zscaler is still a very good product."
 

Cons

"The solution's framework needs to be frequently updated in order to have a stable solution."
"We would like to see a better training platform implemented."
"In an incident, after a restart, Fortinet FortiGate did not connect to FortiGuard servers. Due to that reason, on the customer end, all websites got blocked. I don't know why this happened. The firewall of a bank in Sri Lanka rebooted yesterday, and after that, FortiGuard servers did not connect properly, blocking all customer environment websites."
"Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs."
"They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired."
"There are some problems that support cannot give you a logical reason as to why it happened. For example, I had a case where I was dealing with a WhatsApp application that was giving issues. Technical support gave more than one reason it could be giving issues, but none of them solved the problem. Eventually I solved the problem, but it was far from the solutions that support had given."
"I find the management console not very straightforward, so that's an area where Fortinet FortiGate can improve. They should simplify it and make it more user-friendly."
"FortiGate can improve its token system, as it requires a purchase before use."
"Virtual patching would be helpful for servers that are not able to update patches due to compatibility issues."
"The configuration might be slightly difficult compared to other players in the market like Fortinet or WatchGuard."
"It would be great to have all the data correlated to have an overview and one point of administration."
"I wouldn't give them a ten. Nobody is perfect. I'll give them a nine because they help me with any issues I've had."
"My experience with pricing, setup costs, and licensing was a nightmare. It is indeed challenging as Cisco has too many variations of support with no clear explanation of what you are actually getting."
"The graphical interface should be improved to make the configuration easier, to do things with a single click."
"The throughput highlighted on the datasheet (10Gbps) should be reviewed. This throughput is only for a UDP running environment, which you will never find in the real world. Rather consider a multiprotocol throughput."
"Some individuals find the setup and configuration challenging."
"Pricing is a challenge."
"It would be better if they improved their policy, package visibility, and flexibility while we're creating rules for inspection. It could also be cheaper or more things could be included in the basic package. In the next release, I would like better coverage in the Asia Pacific region and better quality of service."
"Zscaler Cloud Firewall should have a better understanding of all dynamic cloud applications."
"If I can get rid of Jetscaler, I will use Twingate for sure."
"I don't have the visibility of a control dashboard or a network management system."
"Its technical support services could be better."
"We are having some issues with internet access being denied when organizational ID-based policies change. For example, a lower level employee ends up getting the same level of access as that of a higher level employee."
"They do not provide a few components that are fundamental to differentiate the products"
 

Pricing and Cost Advice

"We purchased a five-year bundle package, which worked out cheaper than competing solutions."
"It is cost-effective, and provides a good value for your money. The pricing, and license renewal, is very reasonable for us."
"It's not the cheapest, but it's value for money. Given everything we've got out of it: the DMZ port, the VPN, and the high availability, it's a pretty reasonable price."
"By default, they give SD-WAN along with the firewall. They don't have separate licensing for the SD-WAN functionality. However, they have security licenses that are sold separately on a subscription basis. Customers can consume these security features to protect their users from internet traffic."
"For the performance that we get, the price is reasonable. There are cheaper options, but they may not deliver the same kind of performance that we want. For the performance they provide, the price is acceptable."
"While Fortinet FortiGate has a higher price point compared to Sophos XG, its user-friendly interface justifies the cost."
"Fortigate's pricing is competitive."
"Its pricing is fine. It is on a yearly basis. Other than the licensing fee, there is no extra fee."
"Their pricing is very aggressive and good. Even a small company can afford it. I am happy with its pricing. Its licensing is on a yearly basis."
"It was initially heavy on my pocket, but it soon actualised its worth."
"It requires additional licensing to enable 10G ports."
"It is more expensive than the other solutions."
"Licensing is not only for Secure Firewalls, and it's too complicated."
"You get what you pay for. It's always priced based on what you get and what it can handle. It's acceptable."
"The licensing features are getting more complicated. These should be simplified."
"In terms of scalability, it is really expensive. It is scalable, but when it comes to pricing, the upgrading is a bit high."
"The product is a bit expensive compared to the solutions offered by its competitors, like Palo Alto. There is a need to make yearly payments towards the license in charges associated with the product."
"It is expensive for small businesses."
"It is not the most budget-friendly solution, but it's important to consider its overall value."
"Zscaler is priced too high compared to the cost of Fortinet."
"It comes at a significantly reduced cost while ensuring control and effectiveness."
"There is an annual license required for the use of the Zscaler Cloud Firewall."
"There are different subscription models available."
"There are licensing costs, and I would not say that it's a cheap vendor."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
861,390 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Educational Organization
10%
Comms Service Provider
8%
Manufacturing Company
7%
Educational Organization
26%
Computer Software Company
17%
University
6%
Manufacturing Company
6%
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
9%
Retailer
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
Which lesser known firewall product has the best chance at unseating the market leaders?
Netscope, Zscaler if they continue route they are on now. FIrewalls needs great deal of automation on each end, datac...
What do you like most about Zscaler Cloud Firewall?
The product’s firewall and VPN package are fantastic compared to any other solution.
What is your experience regarding pricing and costs for Zscaler Cloud Firewall?
Zscaler Cloud Firewall is quite expensive compared to competitors. However, it offered moderate value for money.
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Zenith Live, Azure, Carlsberg Group
Find out what your peers are saying about Cisco Secure Firewall vs. Zscaler Cloud Firewall and other solutions. Updated: July 2025.
861,390 professionals have used our research since 2012.