Try our new research platform with insights from 80,000+ expert users

Cisco Secure Firewall vs Palo Alto Networks NG Firewalls comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.4
Fortinet FortiGate offers cost-efficient security, enhancing performance and network stability, while significantly reducing operational costs and incidents.
Sentiment score
5.8
Cisco Secure Firewall offers ROI through reliability, preventing costly incidents, improving efficiency, and easy integration despite ROI quantification challenges.
Sentiment score
7.6
Palo Alto Networks NG Firewalls offer strong ROI by enhancing security, reducing costs, and enabling efficient management for digital transformation.
Clients are now comfortable and not wasting productive hours on IT support.
We have experienced a positive return on investment by utilizing Fortinet's products.
There's definitely an ROI. Having a centralized way of managing and applying policies across the entire organization always helps.
Their user-friendly interface and Panorama central management, which provides a comprehensive overview, make them an ideal investment.
The solution helped reduce downtime, which is crucial in time-sensitive industries like manufacturing.
 

Customer Service

Sentiment score
7.0
Fortinet FortiGate support receives mixed reviews, praised for higher-level assistance but criticized for inconsistent technical support responsiveness.
Sentiment score
6.4
Cisco Secure Firewall users praise efficient customer service but note occasional inconsistency; direct contracts improve support quality.
Sentiment score
7.6
User reviews for Palo Alto Networks NG Firewalls support vary, highlighting responsiveness issues, regional inconsistencies, and communication challenges.
He explained that it required a command line configuration, as it couldn't be done through the graphical user interface.
I would rate their support for FortiGate a nine out of ten.
They offer very accurate solutions.
I have to provide many logs, yet problems remain unresolved, often requiring workarounds rather than solutions.
I have been working with them on firewalls, wireless, switching, and routing, and the support is the best.
If I have a priority one case, I am able to call the manager to raise the severity.
Their response time is within one hour.
They offer fast and competent assistance.
They provide fast response and rapid remediation of problems.
 

Scalability Issues

Sentiment score
7.3
Fortinet FortiGate is scalable for enterprises, but expansion may require budget planning and careful pre-planning for integration.
Sentiment score
6.6
Cisco Secure Firewall is scalable and flexible for businesses, but costs and hardware vary, requiring careful needs assessment.
Sentiment score
7.3
Palo Alto Networks NG Firewalls offer scalable options, but hardware upgrades, clustering limitations, and costs may challenge smaller organizations.
They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.
The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.
You can choose a cheaper model if you only have 20-30 users, but you will need to spend more money for a FortiGate solution that covers 5,000.
Scalability presents a challenge.
Compared to FortiGate and Palo Alto, it lags in configuration and other aspects.
Cloud deployments benefit from auto-scaling, allowing for automatic adjustments to firewall capacity based on demand.
It is important to assess the infrastructure size before choosing a model.
Palo Alto Networks NG Firewalls are scalable and reliable.
 

Stability Issues

Sentiment score
7.9
Fortinet FortiGate is reliable and stable, despite occasional issues under high traffic; model selection impacts performance.
Sentiment score
8.9
Cisco Secure Firewall is praised for stability, reliability, minimal issues, rapid updates for bugs, and exceptional performance under pressure.
Sentiment score
8.4
Palo Alto Networks NG Firewalls are praised for high stability, outperforming competitors, with minor issues linked to external factors.
Improper handling of these can lead to a memory surge, a well-known bug that can cause the entire system to freeze.
It is less stable than Palo Alto Networks and Check Point firewalls because there are lots of bugs in the latest firmware.
We have not had any problems with the operating systems or maintenance of subscriptions.
Cisco Secure Firewall offers exceptional performance and stability.
With appropriately configured policies, these firewalls can provide robust network security.
After the upgrade, we are experiencing performance issues.
I have not experienced any outages or issues.
 

Room For Improvement

Fortinet FortiGate needs improved UI stability, integration, performance, VPN functionality, support, and simplified policy management due to high costs.
Cisco Secure Firewall users seek improvements in routing support, cost efficiency, UI design, integration, and performance enhancements.
Palo Alto Networks NG Firewalls require improvements in reporting, integration, pricing, ease of use, and machine learning capabilities.
If I have put 10 GBPS of throughput on a firewall and I enable all of these features available, such as IPS or UTM functionalities, the throughput comes down to 1 GBPS.
By providing an integrated solution, users would have access to all features and functionalities within a single window, eliminating the need to navigate through multiple windows.
Investing in a solution that can accommodate such growth would be more cost-effective than repeatedly purchasing new hardware.
Firepower Management Center is quite out of date compared to other vendors.
The integration between Cisco products themselves presents difficulties, such as SD-WAN configuration.
Cisco Firewalls require FMC for management.
When performance degrades due to full packet inspection, the solution should be to increase the computing power within the same firewall, not to recommend upgrading to a larger, more expensive model.
Further integration into a unified system could improve usability.
Palo Alto Networks NG Firewalls lack built-in multi-factor authentication, requiring the purchase of a third-party tool to implement this essential security feature.
 

Setup Cost

Fortinet FortiGate is praised for its cost-effectiveness and flexible licensing, especially benefiting small to medium-sized businesses.
Cisco Secure Firewall is costly but valued for performance, support, and discounts, appealing to security-focused enterprises.
Palo Alto Networks NG Firewalls are costly, but users find their security and performance worth the investment despite high expenses.
Secure SD-WAN is free of charge.
The most expensive part is the renewal of the license subscription.
FortiGate is priced lower than Palo Alto.
It's considered a premium, but people pay that price for Cisco.
The licensing process for Cisco Secure Firewall is convoluted, involving many steps to request and enter a license key.
Palo Alto Networks NG Firewalls are expensive.
Palo Alto Networks NG Firewalls come at a premium, exceeding the cost of most competitors by 45 percent.
Colleagues looking for the cheapest and fastest firewall can still use Palo Alto Networks NG Firewalls because they are affordable.
 

Valuable Features

Fortinet FortiGate is a reliable, user-friendly security solution known for robust features, easy configuration, and competitive pricing.
Cisco Secure Firewall offers robust security, easy management, and integration with high availability, scalability, and centralized policy creation.
Palo Alto Networks NG Firewalls provide advanced threat prevention, application visibility, and seamless management with robust security features and performance.
The firewall, IPS, and VPN functions are the most valuable features.
FortiGate provides solid protection against viruses, malware, and other threats.
Within the same dashboard, you get to see the security profiles, the type of traffic that's passing through, the top applications that are being consumed, etc.
It includes features like IPS, malware protection, and other security features.
Cisco Firewall has very good features, like trusted applications and restricted access for users based on keywords.
The most valuable features of Cisco Secure Firewall include the next-generation firewall and its strong anti-malware capabilities.
The most valuable features of Palo Alto Networks NG Firewalls are DNS sync calls, enabled security features, and Wildfire.
Threat Vault allows us access to a comprehensive threat database, enabling us to get detailed information on threats and how to mitigate them.
The most valuable feature of Palo Alto Networks NG Firewalls is Cortex Data Lake.
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
330
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (1st), WAN Edge (1st)
Cisco Secure Firewall
Ranking in Firewalls
7th
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
411
Ranking in other categories
Cisco Security Portfolio (4th)
Palo Alto Networks NG Firew...
Ranking in Firewalls
6th
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
192
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of May 2025, in the Firewalls category, the mindshare of Fortinet FortiGate is 21.4%, up from 17.7% compared to the previous year. The mindshare of Cisco Secure Firewall is 6.0%, up from 5.5% compared to the previous year. The mindshare of Palo Alto Networks NG Firewalls is 3.4%, up from 3.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
 

Q&A Highlights

Abdul Azim - PeerSpot reviewer
Nov 05, 2024
 

Featured Reviews

EhabAli - PeerSpot reviewer
Efficient, user-friendly, and affordable
In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.
Maharajan S - PeerSpot reviewer
Enhances security with precise access control but has integration challenges
Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.
AmjadKhan1 - PeerSpot reviewer
Provides inline protection with a unified view and anti-spyware capabilities
I would rate Palo Alto Networks NG Firewalls ten out of ten because it is the best. Our disaster recovery site utilizes Palo Alto Networks Next-Generation Firewalls. We are also in the process of upgrading the firewalls at our 365 sites in Pakistan to Palo Alto Networks firewalls. While budget firewalls may advertise comparable features, they often fall short of effectively detecting viruses, threats, and ransomware. In contrast, Palo Alto Networks NG Firewalls, combined with Cortex XDR, provide comprehensive threat intelligence and detection capabilities, ensuring superior security coverage. I recommend conducting a proof of concept before selecting a firewall. This will allow you to evaluate different options and determine which best suits your needs. While Palo Alto offers robust firewall solutions, it's essential to compare them with other vendors to ensure you make an informed decision.
report
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
849,686 professionals have used our research since 2012.
 

Comparison Review

it_user206346 - PeerSpot reviewer
Mar 11, 2015
Cisco ASA vs. Palo Alto Networks
Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…
 

Answers from the Community

Abdul Azim - PeerSpot reviewer
Nov 5, 2024
Nov 5, 2024
When considering a firewall solution, Palo Alto Networks stands out in terms of advanced security features, AI-driven automation, and ease of management. These attributes make it an ideal choice for organizations looking to not only secure their networks today but also protect themselves from the evolving cyber threats of tomorrow. In comparison, Cisco Firepower, while a solid solution, lacks t...
See 2 answers
Raj Metkar - PeerSpot reviewer
Sep 10, 2024
I will say go for Palo Alto Firewalls purely on basis of ease of management(centralised management has all features that one will need), only reason one would think of Cisco firepower if you are dependent on EIGRP as dynamic routing protocol and PA's will support anything else like BGP/OSPF for total integration and Dynamic topology, Similar to Checkpoint firewalls but much cheaper in price.We use All 3 firewall technologies , Cisco, PA and Checkpoint, if I have money I will go for checkpoint everywhere, main problem with Cisco has been centralised managed and Cisco never got it right, Central management for PA is almost there but is still not as good as Checkpoint.
Bijo Abraham - PeerSpot reviewer
Nov 5, 2024
When considering a firewall solution, Palo Alto Networks stands out in terms of advanced security features, AI-driven automation, and ease of management. These attributes make it an ideal choice for organizations looking to not only secure their networks today but also protect themselves from the evolving cyber threats of tomorrow. In comparison, Cisco Firepower, while a solid solution, lacks the same level of integrated AI capabilities, cloud-readiness, and seamless management interface. Given these factors, Palo Alto Networks offers superior protection, greater operational efficiency, and long-term scalability — all of which align with modern business requirements for agility, security, and growth. We strongly recommend that the organization adopt Palo Alto Networks Firewalls to meet current and future security needs. This recommendation aligns with the organization’s objectives of reducing complexity, improving security posture, and preparing for future threats with an intelligent and easily manageable security solution.
 

Top Industries

By visitors reading reviews
Educational Organization
21%
Computer Software Company
14%
Comms Service Provider
7%
Manufacturing Company
6%
Educational Organization
41%
Computer Software Company
13%
Manufacturing Company
5%
Government
4%
Computer Software Company
15%
Financial Services Firm
9%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
Which is better - Fortinet FortiGate or Cisco ASA Firewall?
One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...
How does Cisco's ASA firewall compare with the Firepower NGFW?
It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...
Which is better - Meraki MX or Cisco ASA Firewall?
Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...
What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?
Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firew...
Features comparison between Palo Alto and Fortinet firewalls
In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it...
Which is better - Palo Alto Networks NG Firewalls or Sophos XG?
Palo Alto Networks NG Firewalls have both great features and performance. I like that Palo Alto has regular threat si...
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall
Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall
Palo Alto NGFW, Palo Alto Networks Next-Generation Firewall
 

Overview

 

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya
There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.
SkiStar AB, Ada County, Global IT Services PSF, Southern Cross Hospitals, Verge Health, University of Portsmouth, Austrian Airlines, The Heinz Endowments
Find out what your peers are saying about Cisco Secure Firewall vs. Palo Alto Networks NG Firewalls and other solutions. Updated: April 2025.
849,686 professionals have used our research since 2012.