We performed a comparison between Cisco Secure Firewall and Fortinet FortiGate-VM based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."With the pandemic, people began working from home. That was a pretty big move, having all our users working from a home. More capacity needed to be added to our remote VPN. ASA did this very well."
"All the rules are secure and we haven't had a significant malware attack in the five years that we've been using ASA Firewall. It has been a tremendous improvement for our network. However, I can't quantify the benefits in monetary terms."
"We definitely feel more secure. We have more control over things going in and out of our network."
"The Packet Tracer is a really good tool. If someone calls because they're having problems, you can easily create fake traffic without having to do an extended packet capture. You can see, straight away, if there's a firewall rule allowing that traffic in the direction you're trying to troubleshoot."
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"The most important features are the intrusion prevention engine and the application visibility and control. The Snort feature in Firepower is also valuable."
"The ASDM (Adaptive Security Device Manager) which is the graphical user interface, works out, and Cisco keeps it current."
"The configuration, graphical interface and command line are easy to use."
"In terms of specific features, I like FortiGate's load balancing, interface, and priority on the network."
"In spite of the solution being inexpensive, it has everything one would need."
"FortiGate-VM has many valuable features: it's easy to use, it's intuitive, it's got very good traffic inspection features, it's got comprehensive filtering categories, and it has an extensive threat database, using FortiGuard."
"Overall, it's an excellent solution."
"It is a complete package, and it has complete offerings. It fit the needs, and our customer is happy with it."
"The best part about FortiGate-VM is its strong security."
"The interface is decent."
"The virtual firewalls don't work very well with Cisco AnyConnect."
"It is hard to control the bandwidth of end-users with a Cisco Firewall. That is the main issue I've faced. I used Mikrotik for many years for this very reason. Mikrotik has the option to set a bandwidth restriction for a single IP or complete segments. Cisco should add this option to their firewall."
"The ability to better integrate with other tools would be an improvement."
"Other products are becoming easier to access and configure. They are providing UI interfaces to configure, take backup, synchronize redundant machines, and so on. It is very easy to take backup and upgrade the images in those products. Cisco ASA should have such features. If one redundant machine is getting upgraded, the technology and support should be there to upgrade other redundant machines. In a single window, we should be able to do more in terms of backups, restores, and upgrades."
"If they want to add better features to the current Cisco ASA, they can start by increasing the encryption. That is the only thing they need to improve."
"We have more than one Cisco firewall and it is difficult for me to integrate both on the single UI."
"A major area of improvement would be to have more functionality in public clouds, especially in terms of simplifying it. The high availability doesn't work right now because of the limitations in the cloud."
"The Firepower FTD code is missing some old ASA firewalls codes. It's a small thing. But Firepower software isn't missing things that are essential, anymore."
"The log settings and filters could use some improvement."
"It would be better if it could provide you with options before completely blocking anything through the web filter. If you are doing a deep SSL inspection on the site if it says it's expired, it doesn't give you the option to continue at your own risk. I can't say that it's bad, but SSL internally isn't really a requirement. However, its security features can help. Right now, we have people going out and spending on purchasing the SSL certificates for internal sites."
"Price-wise, it could be slightly better, however, if you compared it to other makes and models of equal category, it is generally cheaper."
"It should have the SD-WAN feature. This would increase the number of features that are available in the box."
"We have encountered certain issues with the bandwidth in respect of the security layer."
"Areas for improvement would be application control and web filtering."
"The price is problematic."
"Technical support could be improved."
Cisco Secure Firewall is ranked 2nd in Firewalls with 91 reviews while Fortinet FortiGate-VM is ranked 9th in Firewalls with 49 reviews. Cisco Secure Firewall is rated 8.2, while Fortinet FortiGate-VM is rated 8.4. The top reviewer of Cisco Secure Firewall writes "The ability to implement dynamic policies for dynamic environments is important, given the fluidity in the world of security". On the other hand, the top reviewer of Fortinet FortiGate-VM writes "Flexible with good cloud management and a straightforward user interface". Cisco Secure Firewall is most compared with Fortinet FortiGate, Meraki MX, Palo Alto Networks WildFire, pfSense and Juniper SRX, whereas Fortinet FortiGate-VM is most compared with Azure Firewall, Fortinet FortiGate, pfSense, Palo Alto Networks VM-Series and OPNsense. See our Cisco Secure Firewall vs. Fortinet FortiGate-VM report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.