We performed a comparison between Cisco Secure Firewall and Meraki MX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Meraki MX is the winner in this comparison. It is easier to set up and more user-friendly than Cisco ASA Firewall. In addition, Meraki MX is a less expensive solution than Cisco Secure Firewall.
"It's very easy to configure."
"The solution is very easy to understand. It's not overly complex."
"Valuable features include the Web Application Firewall, and it even has DLP (data leak prevention)."
"The most valuable features of Fortinet FortiGate are it is one of the most mature firewalls in the UTM bundle."
"This solution has solid UTM features combined with a nice GUI."
"Provides good firewall security and has great VPN features."
"All of the features of Fortinet FortiGate are useful and the security protection is good."
"You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it."
"This product is pretty stable."
"The most valuable feature is that it has the ability to divide the network into three parts; internal, external, and DMZ."
"The content filtering is good."
"It's easy to integrate ASA with other Cisco security products. When you understand the technology, it's not a big deal. It's very simple."
"Logging is great. It will show when it reaches its capacity before it is too late, unless you have bursts of traffic."
"The most valuable features for my client are the ASDM and monitoring."
"The implementation is pretty straightforward."
"The management aspect of the product is very straightforward."
"The product is quite secure, easy to manage, and well-connected with other devices."
"Dual WAN connections are greatly simplified and point-to-point VPNs automatically connect regardless of what WAN connection is active."
"I like the automatic firmware updates. We use the Active Directory to authenticate VPN users."
"Both the scalability and the scalability are great with Meraki MX."
"Point-to-point VPNs can dynamically follow IP changes with no need for static IPs."
"Its ease of configuration and management is very useful for us and for other companies that don't have an onsite IT person. It is easy to configure and easy to manage. It is easy to configure the VPN with the Auto VPN feature."
"It is very fast to implement."
"It is very easy to use and manage. It is also very easy to scale."
"In the balance between links feature normally you can just choose one option to balance. It would be better for the solution to have more than one option, preferably three."
"Application management can be improved."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"Fortinet FortiGate is a stable solution. However, my issue is the performance only. When I use all the profiles, this affects the performance. From the beginning, I should have had a better sizing of the box."
"When we cluster the two Fortinet FortiGate boxes together we have some issues."
"Its reporting capabilities can be improved. It should have some out-of-the-box reporting capabilities and some degree of customization. The basic reporting that it currently has is not sufficient to create more usable reports. It needs some sort of out-of-the-box reporting. They try to make customers purchase FortiAnalyzer for this kind of reporting, which is an additional cost. Other firewall vendors, such as SonicWall and Sophos, provide this sort of reporting without any additional cost."
"There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision."
"The command line is complicated, and the interface could be better."
"At times the product is sluggish and slow"
"FirePOWER does a good job when it comes to providing us with visibility into threats, but I would like to see a more proactive stance to it."
"It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way."
"The relatively new Firepower Threat Defense image (mix of ASA and Sourcefire network security) fills a lot of gaps and features that were missing on ASA."
"The performance should be improved."
"The overall licensing structure could improve to make the solution better."
"I would like it if they made the newer generation a bit simpler. You can do ASA code and FXOS. It is just a bit confusing with the newer generational equipment on what it can do."
"I think they need to review their whole UI because it feels like it was created by a whole bunch of different teams of developers who didn't fully talk to each other. The net policy screen is just a mess. It should look like the firewall policy screen, and they should both act the same, but they don't. I feel like it's two different buildings or programming, who don't talk to each other, and that really annoys me."
"An area for improvement in Meraki MX is that it needs some provision, as supplying the unit through Cisco can be tedious at times, but as far as the product itself and its offerings, Meraki MX is five-star all the way."
"We have been having a problem with the VPN. When the energy goes down and is back again, the VPN link doesn't get established. We have to manually turn off the modems and other pieces of equipment and manually establish the VPN. It has been around one month since we have been having this problem, and we don't have enough support from Meraki to solve the problem."
"The problem is that the two licenses do not currently integrate. We have to create separate companies and do an interconnection."
"We can’t access GUI management and CLI opening features when the Internet is unavailable."
"I do not have the kind of feature I need for SSL decryption in Meraki MX. It would be great to see the SSL decryption feature in Meraki MX."
"The solution's pricing should be reduced."
"The client-side VPN is weak. The product could be improved with deployment templates."
"The product is quite complex to set up."
Cisco Secure Firewall is ranked 4th in Firewalls with 112 reviews while Meraki MX is ranked 2nd in Unified Threat Management (UTM) with 22 reviews. Cisco Secure Firewall is rated 8.2, while Meraki MX is rated 8.2. The top reviewer of Cisco Secure Firewall writes "Includes multiple tools that help manage and troubleshoot, but needs SD-WAN for load balancing". On the other hand, the top reviewer of Meraki MX writes "Great solution that can manage multiple devices (security, switches, APs, Cameras) with a single pane of glass". Cisco Secure Firewall is most compared with Palo Alto Networks WildFire, Netgate pfSense, Sophos XG, Juniper SRX Series Firewall and Palo Alto Networks NG Firewalls, whereas Meraki MX is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Netgate pfSense, SonicWall TZ and SonicWall NSa. See our Cisco Secure Firewall vs. Meraki MX report.
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Cisco ASA is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So you can't really compare these solutions, as they are targeting different markets.
You might compare Cisco to Sophos, but again, these are different protection solutions, one for network protection, the other for client protection. If you look only at the firewall part, you miss a lot in the total protection approach with Sophos.
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports network security and firewall options. We researched both Meraki and ASA. We liked that ASA provides a solid VPN setup and integrates with other Cisco security offerings.
Cisco ASA is great for routing and accessing remote office locations via the remote VPN. We also liked the high availability and customizable nating (Network Access Translation). It is very reliable and easy to use. You can easily configure a site-to-site VPN to connect multiple sites. The support is great - they respond 24/7/365 and there is a lot of documentation available.
The downside is that ASAs are aging. Therefore, Cisco ASAs are best suited to small businesses. If you need something affordable that gets the job done, ASA is a good option.
We chose Cisco Meraki, because, in our opinion, it is a step forward from ASA. The level of security and intrusion detection is great, and because it is cloud-based, it is easy to change the configuration without downtime. Logging is very comprehensive, and management is very simple.
The best feature is content filtering with granular control. Cisco Meraki offers advanced malware protection, including traffic shaping. Another feature we really like is that you can pre-configure devices before they arrive at the installation.
It doesn’t work with DMVPN, which is a downside. Another feature that could use some improvement is reporting, which is not real-time. The price can get expensive but if you can afford it, a full-stack Cisco Meraki system does a great job keeping your network secure.
Conclusions:
If you want a robust but basic firewall, ASA is your best choice. Cisco Meraki is a better choice if you are looking for a next-generation firewall with advanced security features and easy management.