Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Cisco Umbrella comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 30, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Secure Firewall
Ranking in Cisco Security Portfolio
4th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
409
Ranking in other categories
Firewalls (5th)
Cisco Umbrella
Ranking in Cisco Security Portfolio
2nd
Average Rating
8.8
Reviews Sentiment
7.3
Number of Reviews
113
Ranking in other categories
Secure Web Gateways (SWG) (1st), Internet Security (1st), Cloud Access Security Brokers (CASB) (2nd), Secure Access Service Edge (SASE) (3rd), Domain Name System (DNS) Security (1st)
 

Mindshare comparison

As of March 2025, in the Cisco Security Portfolio category, the mindshare of Cisco Secure Firewall is 6.7%, up from 5.1% compared to the previous year. The mindshare of Cisco Umbrella is 12.5%, down from 15.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cisco Security Portfolio
 

Featured Reviews

Maharajan S - PeerSpot reviewer
Enhances security with precise access control but has integration challenges
Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.
Alessandro Braga - PeerSpot reviewer
Has comprehensive reporting and scales easily
The reports and notifications are the most useful part of the platform. As soon as you deploy the security layers, the reporting is very comprehensive. It helps you to have, at a glance, a clear view of what's going on. The integration between Cisco Secure solutions is pretty good. We have been able to deliver the solution in a few days. The integration of Umbrella and Meraki is literally one click away from the customer. One of the reasons why we chose Umbrella was its capability to perform end-to-end detection of malware and web traffic. In the last two years, we have been covered, detection has been faster, and we have been able to contain some potential threats along the way. We use the Umbrella stack from DNS protection to web and content protection. Our workforce is made up of 150 Macs; thus, we use Mac as a client. We have some PCs and integration with the network in our co-working spaces. Utilizing Cisco Secure has helped us save time. Being a nimble organization, we don't have IT staff who are fully dedicated to security. The maintenance is also not very time-consuming. In terms of the amount of time saved, it would be half an FTE a year, given the fact that we are informed and notified when threats arise. In terms of operating expenditures, we have been able to negotiate a better cyber insurance rate with our insurance company due to the fact that we are covered by Umbrella. Another benefit of using Cisco Umbrella is application scanning. We have been able to understand how many other applications we were consuming in the cloud, address them, and save money. Without Cisco Umbrella, we would not have realized that we had so many cloud applications in the company. We have been able to close at least four or five applications that were duplicates of others that we were already using in the company. We have realized approximately 10,000 to 12,000 euros a year of immediate savings in an organization of 150 people, which is quite significant.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The VPN is our most widely used feature for Cisco Secure Firewall. Since we were forced into a hybrid working situation by COVID a few years back, VPN is the widely used feature because everybody is working remotely for our agency. So it came in very handy."
"Its ability to discover attacks is a valuable feature. All of the other features that have to do with security are good."
"Ease of configuration: It has gotten a lot easier to configure compared to the original Cisco Pix."
"An efficient, easy to deploy and dependable firewall solution."
"It is a secure product."
"Cisco Firewall has very good features, like trusted applications and restricted access for users based on keywords."
"I like the way Firepower presents the data. It gives you two classifications for the evidence, something based on the priority of the evidence and another classification based on the impact of the evidence in your environment. This makes it very easy to spot the evidence that is most impactful to my environment. Instead of having to go through all the evidence based on that priority, I can focus on the evidence that has the most impact on my environment."
"The initial setup is easy."
"The primary advantage of Cisco Umbrella is its ability to safeguard our users no matter where they are working from - whether it's in the office or remotely, as per the new work model that has emerged globally. This integrated security solution has simplified our lives by combining all the necessary security measures in one product. Additionally, deploying the product is all it takes to protect all our users."
"The implementation is pretty easy."
"The Global Block List is one of the most valuable features because it's really easy to block domain names as well as URLs. Sometimes you don't want to block the whole site, you just want to block one URL. The Global Block and Allow Lists are the best features for us."
"I like the DNS layer security."
"The most valuable feature for us is the DNS-based protection."
"The most valuable feature is the website protection capabilities because it prevents end-users from entering bad sites that potentially have malware or could be used for phishing."
"Meraki features and cloud-based functionality are advanced and easy to manage centrally."
"​They have a wealth of articles in their knowledge base. This has given me the freedom to troubleshoot on my own time. ​​"
 

Cons

"Cisco Secure Firewall should be easier to handle. It uses ASDM, which is not easy to understand. It would be better if there was direct access via HTTPS."
"One of my main concerns, an area that could use improvement is in adjusting the need to buy a license to enable features."
"The maturity needs to be better."
"Cisco Firepower is not completely integrated with Active Directory. We are trying to use Active Directory to restrict users by using some security groups that are not integrated within the Cisco Firepower module. This is the main issue that we are facing."
"Licensing is complex, and I'd like it to be simplified. This is an area for improvement."
"The IPS and GUI are outdated."
"Most of the time, when I try to run Java, it is not compatible with ASA's current operating systems."
"They could improve by having more skilled, high-level engineers that are available around the clock. I know that's an easy thing to say and a hard thing to do."
"If the security issues are taken care of it would be better."
"In my experience with Umbrella support, sometimes the response times take a bit more time than we would like... sometimes, if you go through email, it can take quite a while to get a response."
"It should have more integrations with multiple end user OEMs."
"The rule-making process for blocking sites or for blocking characteristics can use some simplification."
"The locks and management could be better. The product is fairly new, and it may take some time to get all the features up and running."
"The only thing I can think of is that I'd like to see a little more flexibility in policy creation. The way that policy is currently structured is like a "first hit succeeds" kind of policy. It would be nice if it were more hierarchical."
"If we're trying to deploy it to a Mac through Meraki, it's impossible. The method of deployment for a Mac, and the features available in Meraki, are not compatible at all."
"There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad."
 

Pricing and Cost Advice

"The ROI is good. Using ASA, we have saved 10% to 20% on our costs."
"I just bought it off the shelf, and I'm using it with my previous one, so I have not spent that much."
"Licensing, recently, has been getting more complicated. In particular, the Smart Licensing that came out is quite complicated. I don't know what's going on.... They call it Smart, but it's complicated. I prefer the traditional license where you buy it once."
"The solution was chosen because of its price compared to other similar solutions."
"It is extremely expensive compared to its competitors and I would rate it 2 out of 10."
"The licensing is a bit off because the physical firewall is cheaper than the virtual one. We only have the physical ones as they are cheaper than the virtual ones. We only use the physical firewalls because of the price difference."
"The licensing features are getting more complicated. These should be simplified."
"Although I am not directly involved in dealing with the pricing aspect of the Cisco Secure Firewall, I know that the licensing has improved over the years."
"Cisco has a model called ELA. With ELA, if you buy the solution you will have the complete security portfolio and you can pay it yearly or after three years, it depends on the contract."
"There are three models for licensing with different feature sets."
"There is room for improvement when it comes to the cost."
"As an educational partner, we get better licensing structures. We are very happy with that. It has been very nice that Cisco has partnered with the educational sector to bring that."
"I rate the tool's pricing a five out of ten."
"Cisco is expensive. For example, we are looking at Nexus Dashboard, and it's costing about 250,000 euros. I ask, "What do I get from it?" I'm still not convinced that we have to spend on it, so pricing is a problem."
"The solution’s pricing is reasonable."
"The price could be lower."
report
Use our free recommendation engine to learn which Cisco Security Portfolio solutions are best for your needs.
841,824 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
42%
Computer Software Company
13%
Manufacturing Company
4%
Government
4%
Educational Organization
26%
Computer Software Company
17%
Financial Services Firm
7%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage at large. In my opinion, Fortinet would be the best option and l use Fortinet too...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fortigate is very stable, reliable, and consistent. We like that we can manage the e...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cisco ecosystem, it is very simple to handle. This solution has traffic inspection ...
Which is the better security solution - Cisco Umbrella or Zscaler?
Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried. Zscaler Internet Access is a good option for carrying out multiple security functi...
Which is the better security solution - Cisco Umbrella or Microsoft Cloud App Security?
Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-native solution, unifying multiple features like DNS-layer security, threat intelli...
What do you like most about Cisco Umbrella?
Cisco Umbrella is easy to monitor, manage, and deploy.
 

Also Known As

Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
OpenDNS
 

Overview

 

Sample Customers

There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
Chart Industries, City of Aspen, Eastern Mountain Sports, FLEXcon, George Washington University, Jackson Municipal Airport Authority, Ohio Public Library Information Network, PTC, Richland Community College, Smart Motors, Tulane University, VeriClaim
Find out what your peers are saying about Cisco Secure Firewall vs. Cisco Umbrella and other solutions. Updated: January 2025.
841,824 professionals have used our research since 2012.