Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Palo Alto Networks K2-Series comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
370
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Ranking in Firewalls
6th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
428
Ranking in other categories
Cisco Security Portfolio (3rd)
Palo Alto Networks K2-Series
Ranking in Firewalls
34th
Average Rating
8.4
Reviews Sentiment
7.7
Number of Reviews
34
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.2%, up from 17.7% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.2%, up from 5.5% compared to the previous year. The mindshare of Palo Alto Networks K2-Series is 0.1%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

Vasu Gala - PeerSpot reviewer
A stable solution with an intuitive interface and quick customer service
I have been working with Fortinet FortiGate, WatchGuard, Sophos, and SonicWall. I'm not as comfortable with SonicWall because of their UI and limitations. I prefer Fortinet above all other options. When it comes to configuration, I am confident in my ability to handle various tasks, including creating policies such as firewall rules, web policies, and application policies. Additionally, I can configure VPNs and implement load balancing, among other tasks. Overall, I feel much more comfortable working with Fortinet. Fortinet has made significant improvements by integrating AI with firewalls for threat analysis and prevention. In the past 2-3 years, they have launched FortiSASE and SIEM, and they also provide SOC services. Both Palo Alto and Fortinet FortiGate are excellent. While Fortinet FortiGate comes at higher prices, the functionality and support justify the cost. They promptly resolve firmware issues and inform all support providers about configuration changes.
Phil Shiflett - PeerSpot reviewer
Unified policies streamline network management but complex licensing requires attention
Cisco Secure Firewall has some growth opportunities in terms of visibility and control capabilities regarding managing encrypted traffic. It has the ability to analyze encrypted traffic, and there is potential for more integration with APIs and AI to enhance these capabilities. Cisco Secure Firewall needs improvement in deployment time and the capability to access the CLI during support calls. I often encounter issues when technical support uses a CLI that is not familiar to me while troubleshooting through the GUI. My ongoing complaint for the last six years has been the lack of CLI functionality, which hinders my ability to work on the firewall, alongside concerns regarding deployment time. For the next release, they should look at the features offered by competitors such as Fortinet, including the ability to perform packet capture directly from the interface. If they enhanced their troubleshooting efficiency related to packet capture for each specific rule, it would simplify the process significantly.
Krishnakumar M - PeerSpot reviewer
One of the best tools for the prevention of evasive threats
There is a feature called granular application controls, which I liked. Instead of relying on ports and IP addresses, they use AMP ID. This kind of solution is very good. Another valuable feature is the prevention of evasive threats, which is one of the best tools I've encountered. SSL decryption and app ID-based SSL decryption are also impressive, along with the integration with user ID. Identity-based policies ensuring only authorized users can access specific resources are excellent features. Normally, there is something called SIM or SCIM in IDA IDM, but this feature is provided on the box, which is exemplary.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's a good product that significantly enhances security and protects organizational data."
"We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well."
"Some of the valuable features are the firewall, IPS, web filter, and gateway capabilities. Additionally, it is easy to use and flexible."
"Fortinet FortiGate positively provides my clients' organizations with a high return on investment."
"The initial setup of Fortinet FortiGate was straightforward."
"The most valuable features of Fortinet FortiGate are the ease of use and the UI. It has always provided me with what I needed. I have no need for additional costs that other solutions have, such as Sophos."
"We use a lot of function on the IPS and it works well for us."
"The most important features of Fortinet FortiGate are the Intrusion Prevention System (IPS) and firewall control applications."
"The stability and reliability of the Cisco Secure Firewall have always been good; it never falls, never fails, and it's always backed up, which is always good too."
"You do not have to do everything through a command line which makes it a lot easier to apply rules."
"I haven't had any major problems so I haven't had to open a ticket with technical support."
"Cisco Secure Firewall has improved our customers' security posture because it offers Next-Gen features, granularity, and reporting on the back of it. You can see the amount of users accessing Office 365, for example, and whether they're having a good or bad experience. You can see the threats that are coming into your network. You can see anyone who is compromised from within your network."
"I have not had one Cisco Secure Firewall fail so far, which shows it is stable and reliable."
"We have been using a 5520 for seven years in our datacenter and we are satisfied by this version."
"I would evaluate customer service and technical support for Cisco Secure Firewall as excellent, as my Cisco team for the Army has been exceptional."
"The content filtering is good."
"It is a stable solution."
"We've found the solution offers us good stability."
"This is a very reliable firewall and we have never had problems with it."
"Mainly, it is very easy to understand, and the logs are very good."
"The application ID on the Palo Alto Networks K2-Series is able to understand the application traffic, and WildFire is also good."
"The most valuable feature is availability."
"Palo Alto firewalls are scalable enough. We have about 110 employees in our company, and we are about to expand to 130."
"This firewall is very good for our customers because they don't have to write their own rules for adding an application."
 

Cons

"From my experience, I see that the datasheets of the Fortinet FortiGate portfolio need to be more accurate because correct sizing is essential."
"It needs more available central management."
"I would like reporting to be improved and should offer a lot more tools to monitor the products."
"FortiManager has not been my favorite. I don't use it and cannot say I really care for FortiManager for managing the firewalls."
"Their support's response time can be better. In the past six months, they took quite a long time to respond to the support tickets."
"We have never encountered any issues with it. The price and deployment part of Fortinet FortiGate is good, but it can always be better."
"Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it."
"There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs."
"Improving Cisco Secure Firewall could involve adding more functionality on the box without needing an FMC, as some features become less effective without it."
"Cisco Secure Firewall can be improved by simplifying the GUI, as it shouldn't be so complex."
"It can probably provide a holistic view of different appliances because many customers do not have only one brand, besides the traditional SNMP protocols, to cover all their devices. There are some specific requirements in terms of configurations or actions that sometimes have to be done in a very manual way because of the different versions or brands in a customer's infrastructure. It could also have some additional analytics capabilities. It has some very interesting ways to monitor the traffic and identify false positives from the architecture and the environment. It would be good if there is a way to patch with some other industry-specific solutions and synchronize some of the information, such as what other customers experience in their operations and probably share some additional information that could be leveraged or shared among the industry. Such information would be something interesting to see. It could have AI capabilities related to how the appliances could benefit from learning the current environment and different exposures."
"I would like the ability to pick and choose different features of it to run in a packaged infrastructure or modules, therefore I would like to have more customizability over it."
"It is expensive."
"The only drawback of the user interface is when it comes to policies. When you open it and click on the policies, you have to move manually left and right if you want to see the whole field within the cell. Checkpoint has a very detailed user interface."
"The overall licensing structure could improve to make the solution better."
"I work for a school, so getting licensing and getting the budget for Cisco Secure Firewall for certain products is a challenge. It's good to have them, however, it costs us a lot."
"The graphical user interface is a little complex and difficult to manage. L1 engineers cannot work on the Palo Alto Networks K2-Series because it's too complex, which requires L2 and above level of engineers."
"I cannot think of anything specific to improve at the moment."
"I would like to see the threat intelligence capability integrated with other vendors such as Cisco and Forcepoint."
"Higher levels of support are excellent but new users may need additional options."
"We had some issues with upgrading in the past. They could make the process easier."
"It would be nice if it could easily be integrated with Elasticsearch or Nagios."
"The scalability for on-premises version is limited as it depends on the model."
"Palo Alto releases a lot of bug fixes for their firewalls, which means it's necessary to do frequent upgrades. They should work on decreasing their bugs so that upgrades aren't needed so often."
 

Pricing and Cost Advice

"The price for the device and software is high. However, the solution is of good quality and has a lot of features."
"I find it quite reasonable."
"The main reason we chose Fortinet FortiGate was that the price was better than the competition."
"The pricing is comprehensive and clear. You can easily understand what you are purchasing, including which features correspond to each license and maintenance contract. Overall, the information is straightforward. Additionally, compared to other vendors, their prices are competitive."
"I think the price of Fortinet FortiGate is very reasonable."
"The price of FortiGate support is too expensive."
"The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device."
"Setup costs and pricing depends on many variables, but it's mostly affordable."
"The Cisco licensing agreement in Bangladesh is different than the one in India and in Dubai. It is not a problem, but if you want to subscribe to the yearly subscription, the original cost is really high. Also, if you go for an anti-virus, you pay for an additional yearly subscription."
"The cost of keeping the licensing up on the ASA is very expensive. It has a lot of positives, but the cost of going with it is really starting to be a major negative right now."
"They seem to be at the top end in terms of pricing, but they are worth the price. They are probably a little bit lower than Palo Alto. If the customers are relying on Cisco products and they are thinking more in terms of scaling to another layer in a year, it is pretty much in a good price range."
"In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco."
"The licensing models that are available for Cisco Secure Firewall are okay. You have nearly every option that you need. You can pick filtering, advanced malware protection, or all the available features. It's sufficient. In terms of pricing, there are, for sure, some cheaper vendors, but overall, it's nearly the same. It has a fair price."
"Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution."
"It was initially heavy on my pocket, but it soon actualised its worth."
"The pricing could always be cheaper."
"This product is designed for large companies. The price would not be suitable for a small or medium size company."
"We are on an annual license to use Palo Alto Networks K2-Series."
"It would be nice if they lowered their prices for small businesses."
"The price of the solution is expensive."
"This is an expensive solution, although you will get value for the price."
"The price of this solution is too high."
"Palo Alto Networks K2-Series is an expensive solution, the price could be reduced. They are more expensive than some of their competitors."
"Pricing is a sensitive issue because the cost is high in this market."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Educational Organization
12%
Comms Service Provider
8%
Manufacturing Company
7%
Educational Organization
31%
Computer Software Company
16%
University
6%
Manufacturing Company
5%
Computer Software Company
21%
Performing Arts
13%
Manufacturing Company
10%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
Features comparison between Palo Alto and Fortinet firewalls
In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...
What is your experience regarding pricing and costs for Palo Alto Networks K2-Series?
The pricing for the Palo Alto Networks K2-Series solution is affordable and there are no complaints about the licensing.
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
State of North Dakota, SEGA, Alameda County Office of Education, Temple University, VERGE, CAME
Find out what your peers are saying about Cisco Secure Firewall vs. Palo Alto Networks K2-Series and other solutions. Updated: June 2025.
859,687 professionals have used our research since 2012.