Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Palo Alto Networks K2-Series comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
332
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Ranking in Firewalls
7th
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
412
Ranking in other categories
Cisco Security Portfolio (6th)
Palo Alto Networks K2-Series
Ranking in Firewalls
29th
Average Rating
8.4
Reviews Sentiment
7.7
Number of Reviews
34
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of May 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.4%, up from 17.7% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.0%, up from 5.5% compared to the previous year. The mindshare of Palo Alto Networks K2-Series is 0.0%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Maharajan S - PeerSpot reviewer
Enhances security with precise access control but has integration challenges
Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.
Krishnakumar M - PeerSpot reviewer
One of the best tools for the prevention of evasive threats
There is a feature called granular application controls, which I liked. Instead of relying on ports and IP addresses, they use AMP ID. This kind of solution is very good. Another valuable feature is the prevention of evasive threats, which is one of the best tools I've encountered. SSL decryption and app ID-based SSL decryption are also impressive, along with the integration with user ID. Identity-based policies ensuring only authorized users can access specific resources are excellent features. Normally, there is something called SIM or SCIM in IDA IDM, but this feature is provided on the box, which is exemplary.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
"Using this product makes the VPN seamless and almost invisible to me in the sense that I don't have to think about it."
"The technical support is great."
"The solution is highly scalable because they have devices that can handle a large amount of traffic."
"The multi-tenancy feature is most valuable. It integrates very well with FortiManager and FortiAnalyzer."
"Web filtering and two-factor authentication are great features."
"I'm pretty happy with its reliability. It is also very scalable."
"It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
"I found that setting up rules for HTTPS and SSH access to the management interface are straightforward, including setting the cypher type."
"The best solutions for our company are those we have yet to implement so it will be even better in the future for us than it already is."
"It's easy to integrate ASA with other Cisco security products. When you understand the technology, it's not a big deal. It's very simple."
"Stability is perfect. I haven't had any problems."
"The most valuable feature is stability."
"The Firepower+ISE+AMP for endpoint integration is something that really stands it out with other vendor solutions. They have something called pxGrid and i think it is already endorsed by IETF. This allows all devices on the network to communicate."
"Netting is one of the best features. We can modify it in different ways. Site-to-site VPN is also an awesome feature of Cisco ASA. The biggest advantage of Cisco products is technical support. They provide the best technical support."
"The whole firewall functionality, including firewall policies and IPS policies, is valuable. It has all kinds of functionalities. It has IPS, VPN, and other features. They are doing quite a lot of stuff with their devices."
"I like the tool's WildFire feature."
"Palo Alto's App-ID is what differentiates it from other competitors."
"Prevention of evasive threats is one of the best tools I've encountered."
"Palo Alto has better and finer controls than, say, Cisco or Check Point."
"Overall product rating: Nine out of ten."
"The application ID on the Palo Alto Networks K2-Series is able to understand the application traffic, and WildFire is also good."
"The most valuable feature is availability."
"Palo Alto firewalls are scalable enough. We have about 110 employees in our company, and we are about to expand to 130."
 

Cons

"The logs need to be better. They need to be more visible and easier to access."
"We had some issues in the beginning while setting it up, but after doing the firmware update, it is working fine."
"There is a lot of improvement needed with SSL-VPN."
"The search tool needs improvement. It's very difficult to search for policies right now."
"Some configuration elements cannot be easily altered once created."
"We'd like more management across other integrations."
"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses."
"The license renewal process, annual renewal price, and the web application firewall features should be improved."
"It would be nice if you didn't have to configure using a command-line interface. It's a bit technical that way."
"More intuitive support for SIP services are needed. This took a long time to configure properly for the user."
"Web filtering needs improvement because sometimes the URL is miscategorized."
"We would like to be able to manage a set of firewalls rather than individual firewalls. We haven't really looked into it or yet implemented it, but a single pane of glass would be helpful. We also use another vendor's firewalls, and they have a centralized management infrastructure that we have implemented, which makes it a little bit easier when you're managing lots of firewalls."
"Usually, the customers are satisfied, but I am going to recommend that all clients upgrade to FirePOWER management. I want Cisco to improve the feature called anti-spam. We use a Cisco only email solution, that's why we need the anti-spam on email facility."
"I needed to be well-versed with all the command lines for Cisco ASA in order to fully utilize it. I missed this info and wasted some operational costs."
"If the implementation was easier, it would be a lot better for us."
"The process of procuring modern-day technology within the DOD needs to improve."
"There are a lot of bugs in this solution."
"If we have issues, they take anywhere from two days to a week to respond. I even wrote to their CEO because there was no response. When it comes to support, this is the worst company."
"I'd like to see more data protection on the system."
"They should implement the features that the other firewalls have."
"It would be nice if it could easily be integrated with Elasticsearch or Nagios."
"The reporting functionality in GlobalProtect needs to be improved."
"I would like to see the threat intelligence capability integrated with other vendors such as Cisco and Forcepoint."
"It is recommended that the Palo Alto Networks K2-Series be implemented step by step for the Panorama. Sometimes we can't overwrite the configurations because it fails."
 

Pricing and Cost Advice

"The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D."
"Its price is normal. If I compare it with other vendors, such as Palo Alto, it's normal. Palo Alto is expensive."
"We pay for the solution annually."
"If you purchase a one-year subscription with the hardware and then you want to renew for the second year, it is very costly."
"The licensing costs are very low."
"Fortinet is the least expensive solution."
"I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost."
"Licensing for Fortinet FortiGate is on a yearly basis. Pricing for it is a bit high. It could be cheaper."
"Firepower has a very high cost and you have to pay for the standby as well, meaning that the cost is doubled."
"We've gone to all smart licensing, so that works well."
"It requires additional licensing to enable 10G ports."
"Cisco smart licensing is a hassle for a disconnected environment."
"In terms of costs, other solutions are more expensive than Cisco. Palo Alto is more expensive than Cisco."
"The product cost is a little high. It is a little bit on the high side, and it should be a little bit cost-friendly."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"It is pay-as-you-go, so it much cheaper than buying in the plants."
"This is an expensive solution, although you will get value for the price."
"If you compare K2-Series' quality with its price, I think it is reasonable."
"This product is designed for large companies. The price would not be suitable for a small or medium size company."
"The price of this solution is too high."
"It is an expensive solution."
"The overall price of Palo Alto Networks K2-Series could be reduced."
"The price of the solution is expensive."
"Palo Alto Networks K2-Series is an expensive solution, the price could be reduced. They are more expensive than some of their competitors."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
851,451 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
20%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Educational Organization
41%
Computer Software Company
13%
Manufacturing Company
4%
University
4%
Computer Software Company
27%
Manufacturing Company
8%
Performing Arts
7%
Media Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
Features comparison between Palo Alto and Fortinet firewalls
In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...
What is your experience regarding pricing and costs for Palo Alto Networks K2-Series?
The pricing for the Palo Alto Networks K2-Series solution is affordable and there are no complaints about the licensing.
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
State of North Dakota, SEGA, Alameda County Office of Education, Temple University, VERGE, CAME
Find out what your peers are saying about Cisco Secure Firewall vs. Palo Alto Networks K2-Series and other solutions. Updated: April 2025.
851,451 professionals have used our research since 2012.