Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Palo Alto Networks K2-Series comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
333
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Ranking in Firewalls
7th
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
413
Ranking in other categories
Cisco Security Portfolio (6th)
Palo Alto Networks K2-Series
Ranking in Firewalls
29th
Average Rating
8.4
Reviews Sentiment
7.7
Number of Reviews
34
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of May 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.4%, up from 17.7% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.0%, up from 5.5% compared to the previous year. The mindshare of Palo Alto Networks K2-Series is 0.0%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Maharajan S - PeerSpot reviewer
Enhances security with precise access control but has integration challenges
Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.
Krishnakumar M - PeerSpot reviewer
One of the best tools for the prevention of evasive threats
There is a feature called granular application controls, which I liked. Instead of relying on ports and IP addresses, they use AMP ID. This kind of solution is very good. Another valuable feature is the prevention of evasive threats, which is one of the best tools I've encountered. SSL decryption and app ID-based SSL decryption are also impressive, along with the integration with user ID. Identity-based policies ensuring only authorized users can access specific resources are excellent features. Normally, there is something called SIM or SCIM in IDA IDM, but this feature is provided on the box, which is exemplary.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The reporting and monitoring are very good."
"SSL-VPN is very useful for us and has been very reliable."
"It is a one box solution, which covers most of the edge device’s requirements."
"Customers want to load balance more than eight lines or six internet lines. FortiGate is the only solution that can accomplish this."
"The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."
"It's very good and very stable for businesses. It works very well."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"Application control and the web filter are the best features of Fortinet FortiGate."
"The most valuable feature is IPS. It's a feature that's very interesting for tackling the most current attacks."
"My confidence continues to build upon using Cisco firewalls."
"We have been using a 5520 for seven years in our datacenter and we are satisfied by this version."
"The most valuable feature for the customers is that they can control what communication is allowed and what is not allowed. That is, they can allow or deny client traffic."
"The product is quite robust and durable."
"The customer service/technical support is very good with this solution."
"Cisco's technical support is the best and that's why everybody implements their products."
"The Adversity Malware Protection (AMP) feature is the most valuable. It is also very easy to use. Every technical user can operate this solution without any difficulty. The dashboard of Cisco Firepower has every tool that a security operator needs. You can find every resource that you need to operate through this dashboard."
"Prevention of evasive threats is one of the best tools I've encountered."
"The most valuable features are the virtualization of the firewall and the antivirus."
"I have found that Palo Alto Networks K2-Series has the best security. They are more user-friendly, older firewalls used to have to be configured using the command-line interface, but in this solution, it can be done in the GUI."
"Palo Alto firewalls are scalable enough. We have about 110 employees in our company, and we are about to expand to 130."
"The solution is reliable and scales well."
"This is a very reliable firewall and we have never had problems with it."
"Simple integrations with the domain controllers and other inventories"
"One of the most valuable features is Palo Alto's firewall management. We find it easier to manage the firewall centrally."
 

Cons

"In the balance between links feature normally you can just choose one option to balance. It would be better for the solution to have more than one option, preferably three."
"The captive portal could be improved."
"Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."
"The solution lacks multi-language support."
"They need to improve their technical support."
"A lack of integration between our data centers."
"This product needs to have an analysis feature, rather than having the analysis done through the integration of a different product."
"From a reporting perspective, there's room for improvement. They're providing FortiAnalyzer through which one can get some enhancements, but the visibility and reporting still need slight improvement."
"They need a VTI. I know it's going to be available in the next software version, which is the 6.7 version. However, the problem with that is that the 6.7 is going to deprecate all the older IKEv1 deployment tunnels. Therefore, the problem is that we have a lot of customers which are using older encryptions. If I do that, update it, it's not going to work for me."
"Antivirus features must be integrated for end user security."
"Security must be increased when a new user connects over the LAN and an alarm must be generated."
"There is huge scope for improvement in URL filtering. The database that they have is not accurate. Their content awareness and categorization for URL filtering are not that great. We faced many challenges with their categorization and content awareness. They should improve these categorization issues."
"It is slowly not supported and other vendors are a few years ahead of Cisco in development."
"This product is managed using the Firepower Management Center (FMC), but it would be better if it also supported the command-line interface (CLI)."
"It could also use a reporting dashboard."
"There was an error in the configuration, related to our uplink switches, that caused us to contact technical support, and it took a very long time to resolve the issue."
"I cannot think of anything specific to improve at the moment."
"The reporting functionality in GlobalProtect needs to be improved."
"We had some issues with upgrading in the past. They could make the process easier."
"Palo Alto releases a lot of bug fixes for their firewalls, which means it's necessary to do frequent upgrades. They should work on decreasing their bugs so that upgrades aren't needed so often."
"They could improve by providing more features in the solution."
"Its networking features could be better."
"The product should get frequent updates allowing us to add new signatures."
"It is recommended that the Palo Alto Networks K2-Series be implemented step by step for the Panorama. Sometimes we can't overwrite the configurations because it fails."
 

Pricing and Cost Advice

"The price of Fortinet FortiGate is reasonable."
"The price is really low. It's cheap in comparison to the cost of Cisco or CheckPoint, for example."
"It's a very full-featured and it's priced well solution."
"At the time we bought them, I was satisfied with their pricing; I don't know how the new pricing will be."
"It has a competitive price."
"Its price could be better."
"Licensing is usually on a three-year period."
"We are on an annual license to use Fortinet FortiGate."
"The cost of the firewalls versus the ROI is okay."
"The pricing is fair."
"Based on the services that you will get, especially the AMP license, the price is very reasonable."
"This is an expensive product, although when you buy this solution, you can do many things so it provides good value for the investment."
"Pricing is high."
"I bought a license for three years and it was really affordable."
"Watch out for hidden licensing and incredibly high annual maintenance costs."
"The pricing was pretty comparable to other solutions when we purchased it."
"This is an expensive solution, although you will get value for the price."
"If you compare K2-Series' quality with its price, I think it is reasonable."
"Palo Alto Networks K2-Series is an expensive solution, the price could be reduced. They are more expensive than some of their competitors."
"This solution is expensive compared to other, similar products."
"Palo Alto firewalls are very expensive."
"Pricing is a sensitive issue because the cost is high in this market."
"This product is designed for large companies. The price would not be suitable for a small or medium size company."
"It would be nice if they lowered their prices for small businesses."
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
851,604 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Top Industries

By visitors reading reviews
Educational Organization
20%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Educational Organization
41%
Computer Software Company
13%
Manufacturing Company
4%
University
4%
Computer Software Company
26%
Manufacturing Company
9%
Performing Arts
7%
Media Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
Features comparison between Palo Alto and Fortinet firewalls
In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...
What is your experience regarding pricing and costs for Palo Alto Networks K2-Series?
The pricing for the Palo Alto Networks K2-Series solution is affordable and there are no complaints about the licensing.
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
No data available
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
State of North Dakota, SEGA, Alameda County Office of Education, Temple University, VERGE, CAME
Find out what your peers are saying about Cisco Secure Firewall vs. Palo Alto Networks K2-Series and other solutions. Updated: April 2025.
851,604 professionals have used our research since 2012.