Cisco Secure Firewall vs ShieldX comparison

The compared Cisco and Fortinet solutions aren't in the same category. Cisco is ranked #7 in Firewalls , with an average rating of 8.2, and holds a 6.0% mindshare in the category. Fortinet is ranked #13 in MS , and holds a 0.3% mindshare. Additionally, 82% of Cisco users are willing to recommend the solution, compared to 100% of Fortinet users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 16, 2024

Cisco Secure Firewall and ShieldX are both highly-regarded in the cybersecurity market. Cisco seems to have the upper hand due to its comprehensive support and versatile security features.

Features: Users highlight Cisco Secure Firewall's robust threat detection, extensive integration capabilities, and comprehensive security features. ShieldX stands out for its unique microsegmentation, simplified management, and innovative features.

Room for Improvement: Cisco Secure Firewall users note the need for more intuitive configurations, faster updates, and improved user experience. ShieldX users seek better scalability, enhanced user documentation, and expanded feature set.

Ease of Deployment and Customer Service: Cisco Secure Firewall is commended for its detailed deployment guides and responsive customer service. ShieldX users find its deployment process more straightforward but desire quicker customer support response times.

Pricing and ROI: Cisco Secure Firewall's pricing is justified given its extensive support and functionalities, though it is on the higher end. ShieldX offers competitive pricing with a strong ROI due to its advanced features, making it preferable for cost-conscious buyers seeking significant returns.

To learn more, read our detailed Cisco Secure Firewall vs. ShieldX Report (Updated: December 2024).

Buyer's Guide

Cisco Secure Firewall vs. ShieldX

December 2024

Download the complete report

Helped 851,451 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiGate

Mindshare comparison

Firewalls

Microsegmentation Software

Featured Reviews

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Efficient, user-friendly, and affordable

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets. For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line. The stability has room for improvement. When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

Read full review

Maharajan S

VSO at a computer software company with 501-1,000 employees

Enhances security with precise access control but has integration challenges

Overall, I would rate the product six out of ten. Because of the support and cost, I moved away from Cisco, but otherwise, it is a good product. Recommendation depends on the requirement. If lacking a proper team and being dependent on the OEM and partner, Cisco is not suitable. However, if the team is qualified with Cisco-certified people and the requirement is a big network, it can be considered. In today's hybrid work world, having an expanded gateway is more typical than having a single one. Thus, Cisco is unlikely to be recommended for a hybrid requirement unless in-house skills align. Otherwise, depending on partners and Cisco, it can be a risk. I rate the overall solution six out of ten.

Read full review

MichaelProcyshyn

IT Director at park holidays uk

Proactively monitors, blocks, and reports what it has blocked; and self-updates meaning there is zero maintenance

The most valuable feature is the automatic scaling. With its microservices, it scales both up and down, depending on traffic and throughput. The traffic through our website depends on holiday bookings. It's very quiet in November through January, and then our traffic picks up quite rapidly and, at our peak, we will take in excess of a million pounds of business a day through our website. The UI was also one of the huge selling points. My web development manager was blown away with the detail and the granularity that you can get out of the UI. It is a very strong and informative UI, with the amount of data it provides. Uptime on the system has been 648 days and we do very little to it because it self-updates and alerts. It does everything that we need it to do, so the administration side of it is zero. One of the beauties about ShieldX is that it's such a good "fire-and-forget" product.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Layer-3 firewall and routing are the most valuable features."

"The usage in general is pretty good."

"Fortinet FortiGate is user-friendly and affordable."

"The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point."

"The most valuable features are SD-WAN, application control, IPS control, and FortiSandbox."

"One of the valuable features is a standardized OS."

"Fortinet offers the latest versions to cater to the needs of enterprises."

"The most valuable feature is the FortiManager for centralized management."

More Fortinet FortiGate pros

"Protecting our landscape in general and being able to see logging when things aren't going as set out in policies are valuable features. Our security department is keen on seeing the logging."

"If you have a solution that is creating a script and you need to deploy many implementations, you can create a script in the device and it will be the same for all. After that, you just have to do the fine tuning."

"For business purposes, it's a very detailed solution, which is it's greatest benefit, as you can get almost any piece of information you need from the solution. It allows for admins to be able to troubleshoot pretty easily."

"It's got the capabilities of amassing a lot of throughput with remote access and VPNs."

"Integration with all the other Cisco tools is valuable."

"I like the user interface because the navigation is very easy, straightforward on your left side pane you have all the sites that you need to browse. Unlike any other firewalls, it's pretty straightforward."

"The integration and configuration were pretty straightforward."

"The management aspect of the product is very straightforward."

More Cisco Secure Firewall pros

"We were able to see what devices are talking to each other, giving us more visibility."

"...It takes the exact same policies that you would apply to your on-premise environment and enables you to simply apply them to the cloud. It becomes one policy for both on-prem and for the cloud."

"The UI was also one of the huge selling points. My web development manager was blown away with the detail and the granularity that you can get out of the UI. It is a very strong and informative UI, with the amount of data it provides."

"ShieldX has been designed from the very beginning to work well in cloud environments. It understands autoscaling, automation, and auto-configuration. These are the things which are important in today's operating environment."

"It has helped us tighten our security posture. Now, staff can only access things that they should be accessing."

"The Adaptive Intention Engine is fantastic. It allows us to develop security policies using the language of our internal customers. It's machine-learning applied to security workflows. That allows us to much more easily construct the policies that will protect those workflows."

"The most valuable feature is the automatic scaling. With its microservices, it scales both up and down, depending on traffic and throughput."

Cons

"Fortinet FortiGate should improve the VPN tokens."

"To some degree, it's almost a question as to why some of this stuff isn't simpler. For example, for an AP deployment, while it's integrated, the number of steps that you have to go through in order to get the AP up, seems like a lot."

"Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance."

"Technical support needs to be improved."

"From a reporting perspective, there's room for improvement. They're providing FortiAnalyzer through which one can get some enhancements, but the visibility and reporting still need slight improvement."

"There is room for improvement related to the logging and reporting aspect."

"A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer."

"The cloud features can be improved."

More Fortinet FortiGate cons

"The user interface is too complex for people who are not trained to or certified to engage with the product. The interface should be easier to use."

"Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment."

"The user interface is a little clunky and difficult to work with. Some things aren't as easy as they should be."

"Implementations require the use of a console. It would help if the console was embedded."

"Bandwidth allocation needs improvement."

"There is limited data storage on the appliance itself. So, you need to ship it out elsewhere in order for you to store it. The only point of consideration is around that area, basically limited storage on the machine and appliance. Consider logging it elsewhere or pushing it out to a SIEM to get better controls and manipulation over the data to generate additional metrics and visibility."

"Cisco should redo their website so it's actually usable in a faster way."

"If I need to download AnyConnect in a rush, it will prompt me for my Cisco login account. Nobody wants to download a client to a firewall that they don't own."

More Cisco Secure Firewall cons

"We are having some issues with their LDAP and integrating it with the Active Directory. We can't seem to set it up."

"There should be a bit more customer care, with regular review meetings on it or regular reports. It would be nice to have a quarterly or biannual review of what ShieldX has blocked."

"I would like better reports and in-depth reporting."

"They need to be consistent in performance and capabilities over time, given the fact that this is new and I want to see where this goes in the next year or so. As the vendor continues to evolve and add future functionality, we want to make sure that we are still keeping up with the integrations, etc. Time will be the key factor here. The proper support for some of the latest technologies, Docker containers, etc. They need to keep up with threat landscape, so we will see how the security get layered. This is what we are going to be keeping an eye on."

"With any kind of tool like ShieldX, where you're in the cloud instead of a traditional firewall, you're using CPU resources in those environments to provide the protection. So there's a cost associated with CPU resources. I'm pressing upon them to make the product much more efficient and use less CPUs to do the same thing."

Pricing and Cost Advice

"Fortinet FortiGate is expensive."

"It has been two years. I don't remember the actual price, but it was affordable. We buy the boxes and then use the license for three years."

"It's a very full-featured and it's priced well solution."

"It is expensive. You need to pay for the subscription every year, which is very expensive. The subscription includes technical support and hardware exchange in case of failure."

"Its licenses cost the same for different subscription plans."

"It is more affordable than Check Point and Palo Alto. Another thing is that all the features and the OS remain the same irrespective of the size of the device. Pricing-wise, Fortinet typically provides one-year support with the firewall appliance. There is also an option for three years which is how their licensing works."

"The pricing for this solution is good."

"It's expensive, but compared to the competition it's okay."

More Fortinet FortiGate pricing and cost advice

"When we bought it, it was really expensive. I'm not aware of the current pricing. We had problems with licensing. After our IPS subscription ended, we couldn't renew it because Cisco was moving to the next-generation firewall platform. So, they didn't provide us with the new license."

"When we are fighting against other competitors for customers, whether it is a small or big business, we feel very comfortable with the price that Firepower has today."

"The solution’s pricing is competitive."

"Cisco, as we all know, is expensive, but for the money you are paying, you know that you are also getting top-notch documentation as well as support if needed."

"With the Cisco ASA, you do get what you pay for. What would really be awesome is to see Cisco blow out a real cheap version where you can use the sandbox, but leave it step-wise and go to another product relatively easily, like getting you hooked on candy."

"Cisco pricing is premium. However, they gave us a 50 to 60 percent discount."

"It was initially heavy on my pocket, but it soon actualised its worth."

"The pricing structure for Cisco Secure Firewall can be challenging to manage."

More Cisco Secure Firewall pricing and cost advice

"We are very happy with the pricing and licensing. It's about getting a site-wide license. One of the challenges that we've had with our previous vendor had been the cost of licensing."

"We are actually expecting our costs to drop in the coming year, but it is just a matter of the licensing expiring. That is going to happen in the next six months or so. Then, we will start to see a decrease in overall spend."

"ShieldX ensures that we can have the separation needed for our environment to avoid drastically increasing the cost on the licensing side. From this perspective, it's been very positive and helpful."

"For other security professions who are looking for something which is low in cost that does microsegmentation, they should look at ShieldX. It might not be the big name out there, but it does everything that you are looking for in microsegmentation at a very low price."

"For a three-year deal we paid £55,000 plus tax... But, and this is a big "but," this was over two years ago. ShieldX had only just hit the market. We were the first company in Europe to buy ShieldX."

"Security policies are now applied as applications are going up. Because it's automated, we don't have the three to four week delay. The insertion of applications in the cloud for us dropped from an average of three to four weeks to a couple of days."

"ShieldX also enables us to migrate to cloud environments faster. That is an important part of it for sure because it takes the exact same policies that we would apply to our on-premise environment and enables us to simply apply them to the cloud. It becomes one policy for both on-prem and for the cloud."

See which vendors are best for you

Use our free recommendation engine to learn which Firewalls solutions are best for your needs.

See recommendations

851,451 professionals have used our research since 2012.

Comparison Review

it_user206346

Security Consultant at Webernetz.net - Network Security Consulting

Mar 11, 2015

Cisco ASA vs. Palo Alto Networks

Cisco ASA vs. Palo Alto: Management Goodies You often have comparisons of both firewalls concerning security components. Of course, a firewall must block attacks, scan for viruses, build VPNs, etc. However, in this post I am discussing the advantages and disadvantages from both vendors concerning…

Read full review

Top Industries

By visitors reading reviews

Educational Organization

20%

Computer Software Company

14%

Comms Service Provider

Manufacturing Company

Educational Organization

42%

Computer Software Company

13%

Manufacturing Company

University

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?

When you compare these firewalls you can identify them with different features, advantages, practices and usage a...

See all answers

What is the biggest difference between Sophos XG and FortiGate?

From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...

See all answers

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?

As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...

See all answers

Which is better - Fortinet FortiGate or Cisco ASA Firewall?

One of our favorite things about Fortinet Fortigate is that you can deploy on the cloud or on premises. Fortinet Fort...

See all answers

How does Cisco's ASA firewall compare with the Firepower NGFW?

It is easy to integrate Cisco ASA with other Cisco products and also other NAC solutions. When you understand the Cis...

See all answers

Which is better - Meraki MX or Cisco ASA Firewall?

Cisco Adaptive Security Appliance (ASA) software is the operating software for the Cisco ASA suite. It supports netw...

See all answers

Ask a question

Earn 20 points

Comparisons

Sophos XG vs Fortinet FortiGate

Compared 21% of the time

Netgate pfSense vs Fortinet FortiGate

Compared 13% of the time

WatchGuard Firebox vs Fortinet FortiGate

Compared 5% of the time

SonicWall TZ vs Fortinet FortiGate

Compared 5% of the time

Meraki MX vs Fortinet FortiGate

Compared 4% of the time

More Fortinet FortiGate Competitors

Palo Alto Networks WildFire vs Cisco Secure Firewall

Compared 8% of the time

Palo Alto Networks NG Firewalls vs Cisco Secure Firewall

Compared 6% of the time

Netgate pfSense vs Cisco Secure Firewall

Compared 5% of the time

OPNsense vs Cisco Secure Firewall

Compared 4% of the time

Meraki MX vs Cisco Secure Firewall

Compared 3% of the time

More Cisco Secure Firewall Competitors

Check Point CloudGuard Network Security vs ShieldX

Compared 100% of the time

More ShieldX Competitors

Product Reports

Buyer's Guide

Fortinet FortiGate

May 2025

Download Fortinet FortiGate product report

Buyer's Guide

Cisco Secure Firewall

May 2025

Download Cisco Secure Firewall product report

Buyer's Guide

ShieldX

April 2025

Download ShieldX product report

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate, Fortinet Firewall

Cisco Adaptive Security Appliance (ASA) Firewall, Cisco ASA NGFW, Adaptive Security Appliance, Cisco Sourcefire Firewalls, Cisco ASAv, Cisco Firepower NGFW Firewall

APEIRO, ShieldX APEIRO

Overview

Fortinet FortiGate offers comprehensive network security and firewall protection across multiple locations. It effectively manages data traffic and secures environments with features like VPN, intrusion prevention, and UTM controls.

Organizations rely on Fortinet FortiGate for its robust integration with advanced security policies, ensuring significant protection for enterprises, cloud environments, and educational sectors. It facilitates network segmentation, application-level security, and authentication management, securing communication within and between locations such as branches and data centers. Its efficient SD-WAN and UTM features enable streamlined data management and enhanced threat protection capabilities. Users appreciate its centralized management, facilitating seamless operations across diverse environments.

What are the key features of Fortinet FortiGate?

VPN Capabilities: Ensure secure remote access for users and seamless site-to-site connections.
Intrusion Prevention System (IPS): Detect and prevent security threats and vulnerabilities.
Advanced Firewall: Offers robust firewalling with application control and web filtering.
SD-WAN: Optimizes application performance and enhances bandwidth management.
SSL VPN: Provides reliable and secure access for remote workers.

What benefits should users expect from Fortinet FortiGate?

High-performance Security: Delivers effective threat mitigation with high availability.
Centralized Management: Simplifies network operations with cloud-based management tools.
Detailed Analytics: Provides comprehensive insights into network activity and security threats.
Load Balancing: Ensures optimal resource distribution and traffic management.

Fortinet FortiGate is crucial in sectors like education, offering robust networks for secure data flow between campuses and facilitating remote learning. In enterprise environments, it allows efficient management of application traffic and security across multiple branches, while in the cloud, it seamlessly integrates with diverse platforms to enhance security infrastructure.

Fortinet

Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.

The core features of Cisco Secure Firewall are multifaceted:

Advanced threat protection is achieved through a combination of intrusion prevention, malware detection, and URL filtering technologies.
For secure access, the firewall presents multiple options, including VPN, remote access, and single sign-on.
Its network segmentation capability is vital in creating barriers within the network to safeguard critical assets.
The firewall is scalable, effectively serving small businesses to large enterprises.
Management is streamlined through Cisco DNA Center, a central management system.

The benefits of deploying Cisco Secure Firewall are substantial. It significantly reduces the risk of cyberattacks, thereby enhancing the security posture of an organization. This security also translates into increased productivity, as secure access means uninterrupted work. Compliance with industry regulations is another advantage, as secure access and network segmentation align with many regulatory standards. Additionally, it helps in reducing IT costs by automating security tasks and simplifying management processes.

In practical scenarios, Cisco Secure Firewall finds diverse applications. It's instrumental in protecting branch offices from cyberattacks, securing remote access for various stakeholders, safeguarding cloud workloads, and segmenting networks to isolate sensitive areas.

User reviews from PeerSpot reflect an overall positive experience with the Cisco Secure Firewall. Users appreciate its ease of configuration, good management capabilities, robust protection, user-friendly interface, and scalability. However, some areas for improvement include better integration capabilities with other vendors, maturity, control over bandwidth for end-users, and addressing software bugs.

In summary, Cisco Secure Firewall is a comprehensive, versatile, and reliable security solution that effectively meets the security needs of various organizations. It offers a balance of advanced protection, user-friendly management, and scalability, making it a valuable asset in the realm of network security.

Cisco

The ShieldX Elastic Security Platform dynamically scales to deliver comprehensive and consistent controls to protect data centers, cloud infrastructure, applications and data no matter where they are or where they go to make the cloud more secure than on-premise deployments. Our frictionless approach leverages agentless technology as well as the ShieldX Adaptive Intention Engine which autonomously translates and enforces intention into a set of comprehensive controls - microsegmentation, firewall, IPS and more - making security the easiest thing you do in the cloud.

Fortinet

Sample Customers

Amazon Web Services, Microsoft, IBM, Cisco, Dell, HP, Oracle, Verizon, AT&T, T-Mobile, Sprint, Vodafone, Orange, BT Group, Telstra, Deutsche Telekom, Comcast, Time Warner Cable, CenturyLink, NTT Communications, Tata Communications, SoftBank, China Mobile, Singtel, Telus, Rogers Communications, Bell Canada, Telkom Indonesia, Telkom South Africa, Telmex, Telia Company, Telkom Kenya

There are more than one million Adaptive Security Appliances deployed globally. Top customers include First American Financial Corp., Genzyme, Frankfurt Airport, Hansgrohe SE, Rio Olympics, The French Laundry, Rackspace, and City of Tomorrow.

Iowa State University

Buyer's Guide

Cisco Secure Firewall vs. ShieldX

December 2024

Free Report: Cisco Secure Firewall vs. ShieldX

Find out what your peers are saying about Cisco Secure Firewall vs. ShieldX and other solutions. Updated: December 2024.

DOWNLOAD NOW

851,451 professionals have used our research since 2012.

See our Cisco Secure Firewall vs. ShieldX report.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.